amiro

amiro

I hope my writing will be helpful to someone.

처음의 제가 그러했듯이
제가 정리한 글들이
누군가에게 조금이나마
도움이 되기를 바라며

Apache2 - HTTPS 설정 방법

1 분 소요

Apache2 - HTTPS 설정 방법

letsencrypt certonlySSL 인증서 무료 SSL 인증서인 Let’s Encrypt의 SSL 인증서를 적용해보자.

  • project name : php-web-project
  • domain : devmiro.co.kr

1. letsencrypt 패키지 설치

sudo apt-get update (패키지 설치 전 업데이트)

sudo apt-get install letsencrypt

2. 인증서 발급(웹 프로젝트 경로 및 도메인 지정)

sudo letsencrypt certonly –webroot-path=/var/www/html/php-web-project -d devmiro.co.kr

Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for devmiro.co.kr
Using the webroot path /var/www/html/php-web-project for all unmatched domains.
Waiting for verification...
Cleaning up challenges

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/devmiro.co.kr/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/devmiro.co.kr/privkey.pem
   Your cert will expire on 2021-08-16. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot
   again. To non-interactively renew *all* of your certificates, run
   "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

3. 인증서 확인(설치 경로)

/etc/letsencrypt/live/내가설정한 도메인

/etc/letsencrypt/live/devmiro.co.kr/

cert.pem -> ../../archive/devmiro.co.kr/cert1.pem
chain.pem -> ../../archive/devmiro.co.kr/chain1.pem
fullchain.pem -> ../../archive/devmiro.co.kr/fullchain1.pem
privkey.pem -> ../../archive/devmiro.co.kr/privkey1.pem

추가내용

SSLCertificateFile /etc/letsencrypt/live/devmiro.co.kr/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/devmiro.co.kr/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/devmiro.co.kr/chain.pem

Apache에 SSL 사용을 설정

(1) 경로

/etc/apache2/sites-available 에서 default-ssl.conf

(2) 설정적용

sudo a2ensite default-ssl.conf

(3) SSL 실행하겠다고 명령(매우 중요)

sudo a2enmod ssl

(4) 아파치 재실행

sudo service apache2 restart

댓글남기기

참고