Edition & Addition related to Certificates #204

Open
GasparYYC opened this issue Nov 4, 2016 · 0 comments
GasparYYC commented Nov 4, 2016

Edition:

I would like to highlight that the file SSL.md requires a small correction in this line:
Syntax: ./node4ords/letsencrypt.sh <domainname> <emailaddress>

In my opinion it should be:
Syntax: ./node4ords/letsencrypt.sh <subdomain>.<domainname> <emailaddress>
And it would be great if an example can be provided, e.g.
./node4ords/letsencrypt.sh myserver.mydomain.com [email protected]

Also, for the above to work it is mandatory that an A record has been created and the DNS populated.
I recommend the following text (feel free to reword as you wish)

This script will generate a signed certificate for OXAR. It requires the domain name associated with the server's IP address and a valid email address. The way to associate the server IP to a domain is by creating an "A" record with your DNS nameserver provider.
Note: If the server's IP address is not mapped to the domain name then the scripts will fail to create a valid Certificate.
If you do run the script and Let's Encrypt fails then you can restore the SSL configuration using the above settings.

Addition:

Also, I think it's important to highlight the fact that the letsencrypt certificates are only valid for 3 months, so it requires a scheduled and preferably automated way of renewing.
The command to renew the certificate is this:

# Hooks for releasing port 443 so the certbot can bind on it and request the cert
certbot renew --pre-hook "pm2 stop node4ords" --post-hook "pm2 start node4ords"

The command above will take care of requesting a renewal of the certificate, and only when possible (young certificates are not replaced even if a request is submitted); the certbot script follows guidelines that will help you not exceed the quotas established by Letsencrypt.
Also, the node application will be shut down and restarted in one line rather than manually stopping/starting it with separate commands.

Ideally the command above should be added as a crontab entry. I recommend running it every 1st of the month.
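
A cron-ready wrapper for the renewal command above, as an added example that is not part of the original issue or the OXAR project. The script name, log path, certificate path (certbot's default `live/` layout) and the 32-day threshold are assumptions.

```bash
#!/usr/bin/env bash
# Added example: cron wrapper around the renew command quoted in the issue.
# Assumptions (not from the OXAR project): script name, log path, the 32-day
# threshold, and certbot's default /etc/letsencrypt/live/<domain>/ layout.

DOMAIN="${DOMAIN:-myserver.mydomain.com}"   # example host name used in the issue
CERT="${CERT:-/etc/letsencrypt/live/$DOMAIN/fullchain.pem}"
MIN_DAYS="${MIN_DAYS:-32}"                  # longer than the longest gap between monthly runs
LOG="${LOG:-/var/log/oxar-cert-renew.log}"

# Return 0 if the certificate in $1 is still valid $2 days from now,
# 1 if it expires sooner, 2 if the file cannot be read.
cert_valid_for_days() {
  local cert="$1" days="$2"
  [ -r "$cert" ] || return 2
  openssl x509 -in "$cert" -noout -checkend "$((days * 86400))" >/dev/null
}

# Renew command exactly as given in the issue; the hooks free port 443.
run_renew() {
  certbot renew --pre-hook "pm2 stop node4ords" --post-hook "pm2 start node4ords"
}

main() {
  {
    echo "$(date -u +%Y-%m-%dT%H:%M:%SZ) renewal check for $DOMAIN"
    run_renew || echo "certbot renew exited with an error"
    # certbot skips certificates that are not yet due and cron hides failures,
    # so inspect the certificate on disk instead of trusting the exit code.
    if cert_valid_for_days "$CERT" "$MIN_DAYS"; then
      echo "OK: certificate valid for more than $MIN_DAYS days"
    else
      echo "WARNING: certificate missing or expiring within $MIN_DAYS days"
      return 1
    fi
  } >>"$LOG" 2>&1
}

# crontab entry (1st of the month at 03:00, the schedule the issue recommends):
#   0 3 1 * * /usr/local/sbin/oxar-cert-renew.sh --run
if [ "${1:-}" = "--run" ]; then main; exit $?; fi
```

A non-zero exit from the wrapper means the certificate on disk would not outlast the interval to the next scheduled run, which is the condition worth alerting on.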
