SHAREOLITE

How to renew letsencrypt certificate using certbot Linux command

The Let's Encrypt community provides free HTTPS certificates for domains, each with a validity of 3 months, so a certificate needs to be renewed once every 3 months. Web servers hosted on a Linux operating system have the option to renew the HTTPS certificate from the command line. The command below may be used to renew the certificate.


Before executing this command, ensure that the HTTP and HTTPS ports are allowed in the network firewall.

$ sudo certbot --force-renewal
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache

Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: news.testwebsitexyz.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Renewing an existing certificate for news.testwebsitexyz.com
Performing the following challenges:
http-01 challenge for news.testwebsitexyz.com
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/httpd/conf.d/apihttp-le-ssl.conf
Enhancement redirect was already set.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Your existing certificate has been successfully renewed, and the new certificate
has been installed.


The new certificate covers the following domains: https://news.testwebsitexyz.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/news.testwebsitexyz.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/news.testwebsitexyz.com/privkey.pem
   Your certificate will expire on <date>. To obtain a new or
   tweaked version of this certificate in the future, simply run
   certbot again with the "certonly" option. To non-interactively
   renew *all* of your certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

SOLVED - Tshark Wireshark Linux - Diameter Dictionary: No Vendor

It is sometimes necessary to create a user-defined dictionary value in Wireshark and use it with the tshark command on Linux. While implementing this, one of the common errors is "Dictionary: No Vendor". The error indicates that tshark is not able to find the vendor ID definition for a Diameter AVP in the dictionary file.

On Linux, the Wireshark Diameter protocol dictionary is stored by default in:

Directory : /usr/share/wireshark/diameter/

Dictionary file : dictionary.xml

The error "Dictionary: No Vendor" is observed if tshark is unable to find the vendor ID definition among the tags defined above the typedefn tag in the dictionary.xml file. Adding the vendor ID above this tag solves the issue.



                <!-- ************************************************************** -->
                <!-- ********************** End Commands ************************** -->
                <!-- ************************************************************** -->

                <vendor vendor-id="None" code="0" name="None"/>
                <vendor vendor-id="HP"    code="11"    name="Hewlett Packard"/>
                <vendor vendor-id="Sun" code="42" name="Sun Microsystems, Inc."/>
                <vendor vendor-id="Merit" code="61" name="Merit Networks"/>
                <vendor vendor-id="Nokia" code="94" name="Nokia"/>
                <vendor vendor-id="NokiaSiemensNetworks" code="28458" name="Nokia Siemens Networks"/>
                <vendor vendor-id="Ericsson"  code="193" name="Ericsson"/>
                <vendor vendor-id="USR" code="429" name="US Robotics Corp."/>
                <vendor vendor-id="ALU" code="637" name="ALU Network"/>
                <vendor vendor-id="Huawei" code="2011" name="Huawei"/>
                <vendor vendor-id="Deutsche_Telekom_AG" code="2937" name="Deutsche Telekom AG"/>
                <vendor vendor-id="TGPP2" code="5535" name="3GPP2"/>
                <vendor vendor-id="Cisco" code="5771" name="Cisco"/>
                <vendor vendor-id="SKT" code="5806" name="SK Telecom"/>
                <vendor vendor-id="TGPP"  code="10415" name="3GPP"/>
                <vendor vendor-id="Vodafone" code="12645" name="Vodafone"/>
                <vendor vendor-id="VerizonWireless" code="12951" name="Verizon Wireless"/>
                <vendor vendor-id="ETSI"  code="13019" name="ETSI"/>
                <vendor vendor-id="Tango" code="13421" name="Tango Telecom Limited"/>
                <vendor vendor-id="ChinaTelecom" code="81000" name="China Telecom"/>
                <vendor vendor-id="TGPPCX" code="16777216" name="3GPP CX/DX"/>


                <!-- ************************************************************** -->
                <!-- ************************ typedefn's ************************** -->
                <!-- ************************************************************** -->
                <typedefn type-name="OctetString"/>
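
The check described above can be scripted. The following is an added example, not part of the original post: it lists every vendor-id that an <avp> element references without a matching <vendor> definition. The function names, the sample AVPs and the vendor "ExampleVendor" are constructed for illustration.

```shell
#!/bin/sh
# Added example: report vendor-id values that <avp> elements reference but
# that no <vendor> element defines (the condition behind "No Vendor").

# Print the vendor-id attribute of every <ELEM ...> tag in the given files.
vendor_ids() {
    elem=$1; shift
    cat "$@" | tr '\n' ' ' |                      # join multi-line tags
        grep -o "<$elem[[:space:]][^>]*>" |
        sed -n 's/.*vendor-id="\([^"]*\)".*/\1/p' |
        LC_ALL=C sort -u
}

# Print each vendor-id used by an AVP that has no matching <vendor> definition.
missing_vendors() {
    defined=$(mktemp); used=$(mktemp)
    vendor_ids vendor "$@" > "$defined"
    vendor_ids avp "$@" > "$used"
    LC_ALL=C comm -13 "$defined" "$used"
    rm -f "$defined" "$used"
}

# Constructed dictionary fragment (names and codes are made up for the demo).
sample_dictionary() {
    cat <<'EOF'
<vendor vendor-id="None" code="0" name="None"/>
<vendor vendor-id="TGPP" code="10415" name="3GPP"/>
<typedefn type-name="OctetString"/>
<avp name="Example-Base-AVP" code="9000" mandatory="must">
  <type type-name="OctetString"/>
</avp>
<avp name="Example-3GPP-AVP" code="9001" vendor-id="TGPP" mandatory="must">
  <type type-name="OctetString"/>
</avp>
<avp name="Example-Custom-AVP" code="9002"
     vendor-id="ExampleVendor" mandatory="must">
  <type type-name="OctetString"/>
</avp>
EOF
}

dict=$(mktemp)
sample_dictionary > "$dict"
missing_vendors "$dict"        # prints: ExampleVendor
rm -f "$dict"
```

On a real installation, pass every XML file in /usr/share/wireshark/diameter/ to missing_vendors, because vendor AVP definitions may live in separate XML files in that directory. Commented-out tags are not skipped, so review each reported name before editing the dictionary.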
 


Linux curl command syntax and practical examples

In this post, we will learn how to use curl, one of the most powerful Linux commands, which may be used to query web servers and API-specific applications. Here are a few practical examples of the curl command.

Use case 1 : To perform a GET request for a web or API URL 

Syntax :  curl --get "End point URL"

Example : curl --get "https://shareolite.com/feeds/poster/default?alt=json&type=1&filter=latest"

Use case 2 : To perform a POST request for a web or API URL

Syntax :  curl --request POST "End point URL"

Example : curl --request POST "https://shareolite.com/feeds/poster/default?alt=json&type=1&filter=latest"

Use case 3 : POST data to a Web server or API URL

Syntax : curl --data "data to be posted" URL

Example :  curl --data "client_id=1&client_name=shareolite" "https://shareolite.com/api"

Use case 4 : POST JSON data to a Web server with body content in a file

Syntax :  curl -H "Content-Type: application/json" --data @filename URL

Example : curl -H "Content-Type: application/json" --data @body.json http://10.20.30.40/api/feed

Place the JSON content to be posted in the body.json file referenced above.

Use case 5 : POST data with Basic Authentication

Syntax : curl --data "data to be posted" --user name:password URL

Example :  curl --data "client_id=1&client_name=shareolite" --user "testuser:testpassword" "https://shareolite.com/api"

Use case 6 : Also print header information using option -v

Syntax :  curl -H "Content-Type: application/json" --data @filename URL -v

Example : curl -H "Content-Type: application/json" --data @body.json http://10.20.30.40/api/feed -v

Place the JSON content to be posted in the body.json file referenced above.

Use case 7 : Set a timeout for the connection request using --connect-timeout

Syntax : curl --connect-timeout (value in seconds) URL

Example :  

curl --connect-timeout 20 https://shareolite.com      ( 20 seconds )
curl --connect-timeout 3.14 https://shareolite.com   ( 3.14 seconds )
 

Linux cronjobs practical examples

A cronjob is a Linux scheduler utility, part of the "crond" Linux service daemon, used to schedule the execution of configured tasks. There are two methods to configure the task and time of execution:


  • Using the system cronjob file edit command with option -e, i.e. "crontab -e"
  • Using a flat file in which the list of tasks and times of execution is saved and passed as an argument to the crontab command, i.e. "crontab <filename>"

Syntax of a cronjob entry in a cronjob configuration file

<minute> <hour> <day of month> <month> <day of week>  <command to execute>

Field          Allowed Values
Minute         0 to 59
Hour           0 to 23
Day of Month   1 to 31
Month          1 to 12, or the first 3 characters of the name, i.e. Jan, Feb .. Dec
Day of Week    0 to 7, or the first 3 characters of the name, i.e. Sun, Mon .. Sat


Fields support value ranges, lists and step values, as shown in the examples below.

Cronjob schedule value samples   Description
5 0 * * *                        Run at the 5th minute after midnight
15 14 1 * *                      Run at 14:15 hrs on the 1st of every month
0 22 * * 1-5                     Run at 10 PM on weekdays
5 4 * * sun                      Run at 4.05 AM every Sunday
30 02 10 1,2,3 *                 Run on Jan, Feb, Mar 10th at 02.30 AM
*/5 * * * *                      Run every 5 minutes
0 * * * *                        Run once an hour at the beginning of the hour
* * * * *                        Run every minute

Verify the contents of the cronjob file. The file below has 2 tasks configured.

$ cat /opt/shareolite/cronjobs
*/2 * * * * sh Shareolite.sh 2>&1
00 02 * * * sh /opt/shareolite/2.sh >> /opt/shareolite.log 2>&1

Initialize cronjob file using the below command
$ crontab /opt/shareolite/cronjobs

Check the cronjob status by executing below command
$ crontab -l
*/2 * * * * sh Shareolite.sh 2>&1
00 02 * * * sh /opt/shareolite/2.sh >> /opt/shareolite.log 2>&1

Remove the cronjob by executing below command
$ crontab -r

Only one cronjob file can be initialised per Linux user. Tasks requiring root user privileges are usually configured under the root user. On OS reboot, tasks are reinitialised automatically and manual initialisation is not required.
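
The allowed values and the range, list and step forms described above can be checked before a file is handed to crontab. The following is an added example, not part of the original post; check_schedule is a hypothetical name, the third sample entry is constructed, and the check is deliberately strict: a name is accepted only as a single value and a step only after * or a range.

```shell
# Added example: check the five schedule fields of a crontab entry against the
# allowed values listed above. Prints "ok" or names the first bad field.
check_schedule() {
    printf '%s\n' "$1" | awk '
    # Digits are returned as a number; a 3-letter name is looked up in "names".
    function num(v, names, base,   i) {
        if (v ~ /^[0-9]+$/) return v + 0
        i = index(names, tolower(v))
        return (length(v) == 3 && i % 3 == 1) ? (i - 1) / 3 + base : -1
    }
    # A field is a comma list of "*", N or N-M; "*" and N-M may carry /step.
    function ok(f, lo, hi, names, base,   n, it, i, np, p, nr, r, a, b) {
        n = split(f, it, ",")
        for (i = 1; i <= n; i++) {
            np = split(it[i], p, "/")
            if (np > 2 || (np == 2 && (p[2] !~ /^[0-9]+$/ || p[2] + 0 == 0))) return 0
            if (p[1] == "*") continue
            nr = split(p[1], r, "-")
            if (nr > 2 || (np == 2 && nr != 2)) return 0
            a = num(r[1], (nr == 1 && n == 1 ? names : ""), base)
            b = (nr == 2) ? num(r[2], "", base) : a
            if (a < lo || b > hi || a > b) return 0
        }
        return n > 0
    }
    {
        split("minute hour day-of-month month day-of-week", label, " ")
        split("0 0 1 1 0", lows, " "); split("59 23 31 12 7", highs, " ")
        nm[4] = "janfebmaraprmayjunjulaugsepoctnovdec"; nm[5] = "sunmontuewedthufrisat"
        if (NF < 6) { print "need 5 schedule fields and a command"; exit }
        for (k = 1; k <= 5; k++)
            if (!ok($k, lows[k] + 0, highs[k] + 0, nm[k], (k == 4 ? 1 : 0))) {
                print "bad " label[k] " field: " $k; exit
            }
        print "ok"
    }'
}

# The two entries from /opt/shareolite/cronjobs plus one constructed bad entry.
while IFS= read -r line; do
    printf '%-22s %s\n' "$(check_schedule "$line")" "$line"
done <<'EOF'
*/2 * * * * sh Shareolite.sh 2>&1
00 02 * * * sh /opt/shareolite/2.sh >> /opt/shareolite.log 2>&1
0 25 * * * sh /opt/shareolite/3.sh
EOF
```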


Linux iptables sample config file - NAT example

A sample Linux iptables configuration file with examples of INPUT, FORWARD and OUTPUT chain rules and a forwarding rule using NAT.

# Generated by iptables-save
*nat
:PREROUTING ACCEPT [95879495:41169618280]
:POSTROUTING ACCEPT [108901633:383143482754]
:OUTPUT ACCEPT [108901761:383143490150]

# NAT rule to route traffic from one port to another
-A PREROUTING -i eth0 -p tcp -m tcp --dport 1234 -j DNAT --to-destination 10.20.30.40:1234
COMMIT

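# Generated by iptables-save v1.3.5
*filter
# Default policy of all three chains is ACCEPT: packets that match no rule below are allowed

:INPUT ACCEPT [457337:38416223]
:FORWARD ACCEPT [556:36240]
:OUTPUT ACCEPT [358730:14631762]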

-A INPUT -s 10.102.1.1/255.255.255.248 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 14531 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 127.0.0.1 -j ACCEPT
-A INPUT -s 69.254.0.0/255.255.0.0 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 0:1023 -j REJECT --reject-with icmp-port-unreachable

# To accept the packets for forwarding
-A FORWARD -i eth0 -j ACCEPT

-A OUTPUT -s 127.0.0.1 -j ACCEPT
-A OUTPUT -d 10.30.40.50 -j ACCEPT
-A OUTPUT -d 20.45.55.65 -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -d 34.35.36.34 -j REJECT --reject-with icmp-port-unreachable
-A OUTPUT -s 69.254.0.0/255.255.0.0 -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -d 127.0.0.1 -j ACCEPT
-A OUTPUT -j LOG --log-prefix "IPTABLES-OUT Default Drop: " --log-level 7
-A OUTPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 21 -j ACCEPT
COMMIT
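
Rules in a chain are evaluated top to bottom and the first terminating match decides; because the sample's INPUT policy is ACCEPT, a port that no rule names stays reachable. The following added example (not part of the original post) replays that evaluation for a TCP packet against the INPUT rules above; first_match and input_rules are hypothetical names, the packet addresses are constructed, and only the -s, -p, --dport and -j options used in the sample are understood.

```shell
# Added example: walk the INPUT chain in order for one inbound TCP packet and
# print the target of the first terminating rule that matches, else the policy.
first_match() {   # usage: first_match SRC_IP DPORT < iptables-save-file
    awk -v src="$1" -v dport="$2" '
    function ip2n(ip,   o) {
        split(ip, o, "."); return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    # True when src is inside "addr", "addr/prefixlen" or "addr/dotted.netmask".
    function in_net(spec,   p, size) {
        split(spec, p, "/")
        if (p[2] == "")       size = 1
        else if (p[2] ~ /\./) size = 4294967296 - ip2n(p[2])
        else                  size = 2 ^ (32 - p[2])
        return int(ip2n(src) / size) == int(ip2n(p[1]) / size)
    }
    /^:INPUT / { policy = $2 }
    $1 == "-A" && $2 == "INPUT" && !done {
        hit = 1; target = ""
        for (i = 3; i <= NF; i++) {
            if ($i == "-s" && !in_net($(i + 1))) hit = 0
            if ($i == "-p" && $(i + 1) != "tcp") hit = 0
            if ($i == "--dport") {
                n = split($(i + 1), r, ":"); hi = (n == 2) ? r[2] : r[1]
                if (dport + 0 < r[1] + 0 || dport + 0 > hi + 0) hit = 0
            }
            if ($i == "-j") target = $(i + 1)
        }
        if (hit && target != "LOG") { print target; done = 1 }
    }
    END { if (!done) print policy " (chain policy)" }'
}
input_rules() {   # INPUT chain copied from the sample file above
    cat <<'EOF'
*filter
:INPUT ACCEPT [457337:38416223]
-A INPUT -s 10.102.1.1/255.255.255.248 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 14531 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -s 127.0.0.1 -j ACCEPT
-A INPUT -s 69.254.0.0/255.255.0.0 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 0:1023 -j REJECT --reject-with icmp-port-unreachable
COMMIT
EOF
}
for pkt in "10.102.1.2 22" "203.0.113.9 22" "203.0.113.9 80" "203.0.113.9 8080"; do
    set -- $pkt
    echo "$1 tcp/$2 -> $(input_rules | first_match "$1" "$2")"
done
```

The last packet (port 8080) matches no rule and is allowed by the chain policy alone, which is the case to look for when reviewing a rule set whose policy is ACCEPT.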
