update knowledgebase

4a099941 · Adi Amir · 96ea2f1a · 4a099941 · 96ea2f1a
Commit 4a099941 authored Aug 15, 2019 by Adi Amir
Showing with 3 additions and 49 deletions
common/docs/knowledgeBase/certificate-maintenance.txt → common/docs/knowledgeBase/how-to-renew-certificate.txt
common/docs/knowledgeBase/howto-update-letsencrypt-certficate.txt
--- a/common/docs/knowledgeBase/certificate-maintenance.txt
+++ b/common/docs/knowledgeBase/certificate-maintenance.txt
@@ -38,6 +38,9 @@ NOTES:
 To update certifcate on one of the subdomain machines (72 or 244)
 =================================================================

+note: not relevant for now, we don't have sub-domains !!!
+
+
 1. make a tar from a valid config-letsencrypt directory in 1.80: config-letsencrypt.valid-20190616.tar.gz

 1. copy a valid crtificate directory as A tar from 1.80.

--- a/common/docs/knowledgeBase/howto-update-letsencrypt-certficate.txt
+++ b/common/docs/knowledgeBase/howto-update-letsencrypt-certficate.txt
-ipg-howto-update-letsencrypt-certficate.txt
-
-
-Objective
-=========
-This document describes,
-how to create a valid SSL certificate, using letsencrypt, on our development servers!
-these updates are relevant to ipgallery-mcz.com domain only. hosts: 1.72, 1.80
-
-
-A. To create a valid certifcate on ipgaley-mcz.com (1.80)
-=========================================================
-
-step 1
------
-1. enter ipgallery-mcz.com: ssh root@172.16.1.80).
-2. restart the front-end docker: ./sys-restart.sh mcx-frontend.yml front-end
-   the /opt/mcz/config-letsencrypt directory should be updated with a new valid certifcate.
-   browse to: https://ipgallery-mcz.com/control/app/ to verify that the website is working with a valid certificate
-
-step 2 (on failure of step 1 only!)
-----------------------------------
-if a valid certifcate was not created in step 1, do the following:
-1. enter the front-end docker: 'docker exec -it <front-end container id> bash'
-2. run: /app/le-renew.sh
-   the directory: /opt/mcz/config-letsencrypt should be updated with a valid certificate
-   browse to: https://ipgallery-mcz.com/control/app/ to verify that the website is working with a valid certificate
-
-
-B. To update the developmnent server (1.72)
-===========================================
-1. verify that the cerificate on 1.80 is valid 
-   (website: https://ipgallery-mcz.com/control/app/ should work without security warning)
-2. enter 172.16.1.80 (ipgalley-mcz.com host)
-3. goto mcz directory: cd /opt/mcz/
-4. tar config-letsencrypt directory
-   tar cvfz config-letsencrypt.tar.gz config-letsencrypt
-5. copy to host 1.72
-   scp config-letsencrypt.tar.gz root@172.16.1.72:/opt/mcz/
-6. backup config-letsencrypt
-   mv /opt/mcz/config-letsencrypt /opt/mcz/config-letsencrypt.old
-7. open tar
-   tar xvf config-letsencrypt.tar.gz
-8. restore the nginx configuration file (default)
-   copy the config file from the backuped directory
-     -  cd /opt/mcz/config-letsencrypt.old/nginx/site-confs
-     -  cp /opt/mcz/config-letsencrypt.old/nginx/site-confs/default .
-9. restart the front-end docker: ./sys-status.sh mcx-frontend.yml front-end
-   browse to: https://ipgallery-mcz.com:8072/control/app/ to verify that the website is working with a valid certificate.