SSL の履歴ソース(No.3)

• 履歴一覧
• 差分 を表示
• 現在との差分 を表示
• 履歴 を表示
• SSL へ行く。
  • 1 (2017-09-26 (火) 08:12:11)
  • 2 (2017-09-26 (火) 11:11:52)
  • 3 (2017-09-26 (火) 12:08:40)
  • 4 (2017-09-26 (火) 16:03:08)
  • 5 (2017-09-27 (水) 10:36:13)
  • 6 (2018-03-05 (月) 10:10:48)
  • 7 (2018-05-24 (木) 09:47:44)
  • 8 (2018-06-08 (金) 14:01:50)
  • 9 (2019-02-19 (火) 13:28:20)
  • 10 (2021-06-13 (日) 10:13:04)
  • 11 (2022-09-14 (水) 09:47:17)
  • 12 (2023-09-08 (金) 09:54:35)
  • 13 (2023-10-13 (金) 14:26:58)
  • 14 (2023-10-18 (水) 11:22:24)

CONTENTS
#contents
----
Lastmodified　&lastmod;
----
*SSL Let's Encrypt [#hb9078f3]
https://www.google.co.jp/search?q=FreeBSD+Let%E2%80%99s+Encrypt+&oq=FreeBSD+Let%E2%80%99s+Encrypt+&gs_l=psy-ab.3..0i8i30k1.3369.7873.0.8232.9.9.0.0.0.0.113.938.2j7.9.0....0...1.1.64.psy-ab..0.9.933...0j0i13k1j0i7i30k1j0i8i7i30k1.0.QIF2pZxQwwc

https://letsencrypt.jp/

https://letsencrypt.org/

https://scratchpad.jp/https-with-lets-encrypt/

* certbot install on FreeBSD 11.0-RELEASE-p12 [#be89650c]

【参考サイト】http://blog.goo.ne.jp/low-electric-mouse/e/912c459b71887d3ca025509f7ea9897b

   987  8:32    locate certbot
   988  8:35    portinstall security/py-certbot



 Installing py27-certbot-0.18.1,1...
 ===========================================================================
 
 This port installs the "standalone" Python client only, which does not use and
 is not the certbot-auto bootstrap/wrapper script.
 
 To obtain certificates, use the 'certonly' command as follows:
 
  # sudo certbot certonly --standalone -d [server FQDN]
 
 Note: The client currently requires the ability to bind on TCP port 80. If
 you have a server running on this port, it will need to be temporarily stopped
 so that the standalone server can listen on that port to complete
 authentication.
 
 The certbot plugins to support apache and nginx certificate installation
 will be made available soon in the following ports:
 
  * Apache plugin: security/py-certbot-apache
  * Nginx plugin: security/py-certbot-nginx
 
 ===========================================================================


  # certbot certonly --standalone -d sun1.smb.net
 Traceback (most recent call last):
   File "/usr/local/bin/certbot", line 6, in <module>
     from pkg_resources import load_entry_point
   File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 3038, in <module>
     @_call_aside
   File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 3022, in _call_aside
     f(*args, **kwargs)
   File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 3051, in _initialize_master_working_set
     working_set = WorkingSet._build_master()
   File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 659, in _build_master
     return cls._build_from_requirements(__requires__)
   File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 672, in _build_from_requirements
     dists = ws.resolve(reqs, Environment())
   File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 862, in resolve
     raise VersionConflict(dist, req).with_context(dependent_req)
 pkg_resources.ContextualVersionConflict: (cryptography 1.7.2 (/usr/local/lib/python2.7/site-packages), Requirement.parse('cryptography>=1.9'), set(['PyOpenSSL']))

 
 # portupgrade -ar --batch


 # certbot certonly --standalone -d sun1.smb.net
 Saving debug log to /var/log/letsencrypt/letsencrypt.log
 Plugins selected: Authenticator standalone, Installer None
 Enter email address (used for urgent renewal and security notices) (Enter 'c' to
 cancel): k100rs4v@smb.net
 
 -------------------------------------------------------------------------------
 Please read the Terms of Service at
 https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf. You must agree
 in order to register with the ACME server at
 https://acme-v01.api.letsencrypt.org/directory
 -------------------------------------------------------------------------------
 (A)gree/(C)ancel: A
 
 -------------------------------------------------------------------------------
 Would you be willing to share your email address with the Electronic Frontier
 Foundation, a founding partner of the Let's Encrypt project and the non-profit
 organization that develops Certbot? We'd like to send you email about EFF and
 our work to encrypt the web, protect its users and defend digital rights.
 -------------------------------------------------------------------------------
 (Y)es/(N)o: Y
 Obtaining a new certificate
 Performing the following challenges:
 tls-sni-01 challenge for sun1.smb.net
 Cleaning up challenges
 Problem binding to port 443: Could not bind to IPv4 or IPv6.
 
 IMPORTANT NOTES:
  - Your account credentials have been saved in your Certbot
    configuration directory at /usr/local/etc/letsencrypt. You should
    make a secure backup of this folder now. This configuration
    directory will also contain certificates and private keys obtained
    by Certbot so making regular backups of this folder is ideal.
 root@sun1:~:17_09_26:10:45 #

 # apachectl stop
 Stopping apache24.
 Waiting for PIDS: 878.
 
 root@sun1:~:17_09_26:10:53 # certbot certonly --standalone -d sun1.smb.net
 Saving debug log to /var/log/letsencrypt/letsencrypt.log
 Plugins selected: Authenticator standalone, Installer None
 Obtaining a new certificate
 Performing the following challenges:
 tls-sni-01 challenge for sun1.smb.net
 Waiting for verification...
 Cleaning up challenges
 
 IMPORTANT NOTES:
  - Congratulations! Your certificate and chain have been saved at:
    /usr/local/etc/letsencrypt/live/sun1.smb.net/fullchain.pem
    Your key file has been saved at:
    /usr/local/etc/letsencrypt/live/sun1.smb.net/privkey.pem
    Your cert will expire on 2017-12-25. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot
    again. To non-interactively renew *all* of your certificates, run
    "certbot renew"
  - If you like Certbot, please consider supporting our work by: 
 
    Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
    Donating to EFF:                    https://eff.org/donate-le
 
 root@sun1:~:17_09_26:10:54 #

 root@sun1:/usr/local/etc/letsencrypt:17_09_26:10:57 # ll
 total 24
 drwx------  3 root  wheel  512 Sep 26 10:42 accounts/
 drwx------  3 root  wheel  512 Sep 26 10:54 archive/
 drwxr-xr-x  2 root  wheel  512 Sep 26 10:54 csr/
 drwx------  2 root  wheel  512 Sep 26 10:54 keys/
 drwx------  3 root  wheel  512 Sep 26 10:54 live/
 drwxr-xr-x  2 root  wheel  512 Sep 26 10:54 renewal/

** /usr/local/etc/apache24/extra/httpd-ssl.conf [#m8888982]
 #SSLCertificateFile "/usr/local/etc/apache24/server.crt"
 SSLCertificateFile "/usr/local/etc/letsencrypt/live/sun1.smb.net/fullchain.pem"
 
 #SSLCertificateKeyFile "/usr/local/etc/apache24/server.key"
 SSLCertificateKeyFile "/usr/local/etc/letsencrypt/live/sun1.smb.net/privkey.pem"
  
 ServerName sun1.smb.net:443




----
Total access &counter(total);：本日 &counter(today);：昨日 &counter(yesterday);
#counter([total|today|yesterday]);