The tutorial has been prepared for Debian/Ubuntu and requires SSH root access (sudo privileges)
For other Linux distributions please see https://certbot.eff.org/ instructions to generate certificates and adapt script create-keystore.sh
Install Certbot to generate certificates
Install snapd
- Code: Select all
sudo apt update
- Code: Select all
sudo apt install snapd
LOG OUT and back in again, or restart your system, to ensure snap’s paths are updated correctly
- Code: Select all
sudo snap install core; sudo snap refresh core
Install Certbot
- Code: Select all
sudo snap install --classic certbot
Prepare the Certbot command
- Code: Select all
sudo ln -s /snap/bin/certbot /usr/bin/certbot
Either get certificates for your domain
It's the version for servers without any other web server (Apache, Nginx, etc.) working on port 80
If any web server is installed, use parameter --webroot instead of --standalone
- Code: Select all
sudo certbot certonly --standalone --email user@my-domain.com -d my-domain.com
Install certificate in AggreGate Server
Download
create-keystore.zip- (655 Bytes) Downloaded 2277 times
Upload script create-keystore.sh to your server e.g. /root/create-keystore.sh
Set your DOMAIN and PASSWORD in script create-keystore.sh then call script
- Code: Select all
sudo sh create-keystore.sh
Open AggreGate Client > Drivers/Plugins > Web Server
- AggreGate Web Server Properties.png (100.88 KiB) Viewed 52276 times
and set:
Keystore File: DOMAIN same as in the script create-keystore.sh
Keystore Password: PASSWORD same as in the script create-keystore.sh
Key Password: PASSWORD same as in the script create-keystore.sh
RESTART AggreGate Server
Certificate auto-renewal
Certboot automatically renew certificates, but doesn't install in AggreGate Server, so we need to do it e.g. once a month.
- Code: Select all
sudo crontab -e
Add a line as below to run the script every first day of the month at 4:00
- Code: Select all
0 4 1 * * sh /root/create-keystore.sh > /var/log/create-keystore.log