Difference between revisions of "CentOS 7.x Owncloud bitnami lego lets-encrypt certificate renewal issue"

From Notes_Wiki

Revision as of 12:39, 2 April 2019

CentOS 7.x Owncloud bitnami lego lets-encrypt certificate renewal issue

On one production server, the script /etc/lego/renew-certificate.sh with the following contents:

  #!/bin/bash
  
  /opt/owncloud-10.0.10-2/ctlscript.sh stop
  /usr/local/bin/lego --email="saurabh@rekallsoftware.com" --domains="<fqdn>" --path="/etc/lego" --http renew
  /opt/owncloud-10.0.10-2/ctlscript.sh start  

stopped working. The command below ran without producing any output and exited with status 0.

    /usr/local/bin/lego --email="saurabh@rekallsoftware.com" --domains="<fqdn>" --path="/etc/lego" --http renew

The above script was created based on below reference:

To resolve this, the following steps were used:

  1. /opt/owncloud-10.0.10-2/ctlscript.sh stop
  2. yum -y install python2-certbot-apache
  3. yum -y install httpd
  4. Created /etc/httpd/conf.d/<servername>.conf with:
    <VirtualHost *:80>
    DocumentRoot "/var/www/html"
    ServerName <server-fqdn>
    # Other directives here
    </VirtualHost>
  5. systemctl start httpd
  6. Used the following to create the required certificate in the /etc/letsencrypt/live folders:
    certbot --apache
  7. systemctl stop httpd
  8. In the above setup the following symbolic links were present:
    • /etc/lego/certificates/<fqdn>.crt linked to /opt/owncloud-10.0.10-2/apache2/conf/server.crt
    • /etc/lego/certificates/<fqdn>.key linked to /opt/owncloud-10.0.10-2/apache2/conf/server.key
  9. Thus /etc/lego/renew-certificate.sh was updated to have:
    #!/bin/bash
    /opt/owncloud-10.0.10-2/ctlscript.sh stop
    /usr/local/bin/lego --email="saurabh@rekallsoftware.com" --domains="<fqdn>" --path="/etc/lego" --http renew
    #The above is not working so using certbot instead
    systemctl start httpd
    certbot renew
    systemctl stop httpd
    cp /etc/letsencrypt/live/<fqdn>/fullchain.pem /etc/lego/certificates/<fqdn>.crt
    cp /etc/letsencrypt/live/<fqdn>/privkey.pem /etc/lego/certificates/<fqdn>.key
    /opt/owncloud-10.0.10-2/ctlscript.sh start
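
The original failure was silent: lego exited with status 0 without renewing anything. As an added example (not part of the original notes), the functions below could stand in for the two cp lines in step 9, so that a certificate is installed only if it really is fresh and the key matches it. The function names and the MIN_DAYS threshold are assumptions chosen here; the threshold relies on certbot's default of renewing once fewer than 30 days remain.

```shell
#!/bin/bash
# Added example: verify a renewed certificate before installing it.
# Function names and the MIN_DAYS threshold are assumptions, not from the page.

# cert_valid_for CERT DAYS
# Succeeds only if CERT parses and is still valid DAYS days from now.
cert_valid_for() {
    openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null 2>&1
}

# key_matches_cert CERT KEY
# Succeeds only if the public key in CERT equals the one derived from KEY.
key_matches_cert() {
    local cert_pub key_pub
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# install_pair SRC_CERT SRC_KEY DST_CERT DST_KEY MIN_DAYS
# Returns 1 if the certificate is missing or expires within MIN_DAYS
# (the renewal tool did nothing, whatever its exit status said),
# 2 if certificate and key do not belong together, 0 after a good copy.
install_pair() {
    local src_cert="$1" src_key="$2" dst_cert="$3" dst_key="$4" min_days="$5"

    if ! cert_valid_for "$src_cert" "$min_days"; then
        echo "renewal check failed: $src_cert expires within $min_days days" >&2
        return 1
    fi
    if ! key_matches_cert "$src_cert" "$src_key"; then
        echo "renewal check failed: $src_key does not match $src_cert" >&2
        return 2
    fi

    # cp rewrites the destination file in place, so the symbolic links
    # described in step 8 keep pointing at current material.
    cp "$src_cert" "$dst_cert" || return 3
    # Create or keep the key readable by its owner only.
    ( umask 077 && cp "$src_key" "$dst_key" ) || return 3
    chmod 600 "$dst_key" || return 3
}
```

In the script from step 9, install_pair would be called with the two /etc/letsencrypt/live/<fqdn>/ files as sources, the two /etc/lego/certificates/ files as destinations and a threshold such as 20. A non-zero return should raise an alert instead of passing unnoticed.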


