Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
cloudappliance/applinstallv1906 [2019_11_05 00:18]
steven [Part I - Configure Networking] added Let's Encrypt section
cloudappliance/applinstallv1906 [2019_11_08 00:37] (current)
steven [Let's Encrypt SSL Certificates]
Line 110: Line 110:
  
 After successful completion, the Enterprise File Fabric will automatically start using the new certificates. ​ These certificates will last for 90 days, so the final step is to setup automated renewal. After successful completion, the Enterprise File Fabric will automatically start using the new certificates. ​ These certificates will last for 90 days, so the final step is to setup automated renewal.
 +
 +### Automatically renewing the certificate
 +
 +A Let’s Encrypt certificate is valid for 90 days, and can be automatically renewed within 30 days of expiration. A simple cron job will run daily and handle renewals.
 +
 +Please Note: The File Fabric will be inaccessible during the renewal. Please ensure that the renewal time is during off hours. Downtime will only occur every 60 days when a renewal is required and may last up to one minute.
 +
 +While still logged in as root run the following command to add a cron job.
 +
 +    crontab -e
 +
 +In the example below the renewal attempt will process at 2:30AM in the timezone of the Enterprise File Fabric. The Enterprise File Fabric ships by default with the timezone set to UTC time. Please adjust this timezone as necessary.
 +
 +    30 2 * * * /​bin/​certbot renew >> /​var/​log/​letsencrypt/​le-renew.log
 +
 +This will create a crontab entry for a cron job that will handle the renewals and write its output to a log file.
 +
 +Use https://​www.ssllabs.com/​ to test the installation.
  
 # Part II - Configure Appliance and create the first organization # Part II - Configure Appliance and create the first organization