Commit c34da511 by Adi Amir

commit first doc: ipg-howto-update-letsencrypt-certficate.txt

parent ec49ae92
ipg-howto-update-letsencrypt-certficate.txt
-------------------------------------------
This document describes,
How to create a valid SSL certificate, using letsencrypt, on our development servers!
this updates are relevant to ipgallery-mcz.com domain only. hosts: 1.72, 1.80
\ No newline at end of file
Objective
=========
This document describes,
How to create a valid SSL certificate, using letsencrypt, on our development servers!
this updates are relevant to ipgallery-mcz.com domain only. hosts: 1.72, 1.80
A. To create a valid certifcate on ipgaley-mcz.com (1.80)
=========================================================
step 1
------
1. enter ipgallery-mcz.com: ssh root@172.16.1.80).
2. restart the front-end docker: ./sys-status.sh mcx-frontend.yml front-end
the /opt/mcz/config-letsencrypt directory should be updated with a new valid certifcate.
step 2 (on failure of step 1 only!)
-------------------------
if a valid certifcate was not created in step 1, do the following:
1. enter the front-end docker: 'docker exec -it <front-end container id> bash'
2. run: /app/le-renew.sh
the directory: /opt/mcz/config-letsencrypt should be updated with a valid certificate
browse to: https://ipgallery-mcz.com/control/app/ to verify that the website is working with a valid certificate
B. To update the developmnent server (1.72)
===========================================
1. verify that the cerificate on 1.80 is valid
(website: https://ipgallery-mcz.com/control/app/ should work without security warning)
2. enter 172.16.1.80 (ipgalley-mcz.com host)
3. goto mcz directory: cd /opt/mcz/
4. tar config-letsencrypt directory
tar cvfz config-letsencrypt.tar.gz config-letsencrypt
5. copy to host 1.72
scp config-letsencrypt.tar.gz root@172.16.1.72:/opt/mcz/
6. backup config-letsencrypt
mv /opt/mcz/config-letsencrypt /opt/mcz/config-letsencrypt.old
7. open tar
tar xvf config-letsencrypt.tar.gz
8. restart the front-end docker: ./sys-status.sh mcx-frontend.yml front-end
the /opt/mcz/config-letsencrypt directory should be updated with a new valid certifcate.
browse to: https://ipgallery-mcz.com:8072/control/app/ to verify that the website is working with a valid certificate.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment