a2enmod ssl \nsystemctl restart apache2<\/pre>\nSe activeaza suportul pentru „perfect forward secrecy” in modulul ssl:<\/p>\n
nano\u00a0\/etc\/apache2\/mods-available\/ssl.conf<\/pre>\nSe activeaza \u00a0„SSLHonorCipherOrder on”<\/em> si se inlocuieste „SSLCipherSuite HIGH:!aNULL”<\/em> cu
\nSSLCipherSuite ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:AES128-SHA:RC4-SHA:HIGH:!aNULL:!MD5:!ADH
\n<\/em>
\nSe salveaza fisierul si se reporneste serverul Apache<\/p>\nsystemctl restart apache2.service<\/pre>\nMai multe site-uri pe acelasi server Apache<\/strong><\/em>
\n\u00cen \/etc\/apache2\/sites-available\/<\/em> se creeaza fisierele de configurare pentru fiecare domeniu\/subdomeniu suplimentar:<\/p>\nmkdir -p \/var\/www\/marinelvis<\/span><\/em>.ro<\/span>\/subdomeniu<\/span> \ncp \/var\/www\/html\/index.html \/var\/www\/marinelvis<\/span>.ro<\/span>\/subdomeniu<\/span> \nchown -R www-data:www-data \/var\/www\nnano \/etc\/apache2\/sites-available\/subdomeniu.marinelvis.ro<\/span>.conf<\/pre>\nSe introduc informatiile pentru fiecare site\/subdomeniu \u00een parte:<\/p>\n
<VirtualHost *:80><\/em>
\nServerName subdomeniu.marinelvis.ro<\/span><\/em>
\nServerAlias www.subdomeniu.marinelvis.ro<\/span><\/em>
\nRedirect permanent \/ https:\/\/subdomeniu.marinelvis.ro<\/span><\/em>
\nDocumentRoot \/var\/www\/marinelvis<\/span>.ro<\/span>\/subdomeniu<\/span><\/em>
\n<\/VirtualHost><\/em>
\n<VirtualHost *:443><\/em>
\nServerAdmin webmaster@localhost<\/span><\/em>
\nServerName subdomeniu.marinelvis.ro<\/span><\/em>
\nDocumentRoot \/var\/www\/marinelvis<\/span>.ro<\/span>\/subdomeniu <\/span><\/em>
\nSSLEngine on <\/em>
\nSSLCertificateFile \/etc\/letsencrypt\/live\/marinelvis<\/span>.ro<\/span>\/fullchain.pem <\/em>
\nSSLCertificateKeyFile \/etc\/letsencrypt\/live\/marinelvis<\/span>.ro<\/span>\/privkey.pem <\/em>
\nErrorLog ${APACHE_LOG_DIR}\/error.log<\/em>
\nCustomLog ${APACHE_LOG_DIR}\/access.log combined<\/em>
\n<\/VirtualHost><\/em><\/p><\/blockquote>\nSe salveaza fisierele, se activeaza fiecare site \u00een parte \u015fi se reporneste Apache:<\/p>\n
a2ensite subdomeniu.marinelvis.ro<\/span>.conf\nsystemctl restart apache2.service<\/pre>\nCertificatele Let’s Encrypt se reinnoiesc la fiecare 90 de zile. Pentru reinnoirea cu subdomenii se editeaza fisierul de configurare marinelvis<\/span><\/em>.ro<\/span><\/em>.conf din \/etc\/letsencrypt\/renewal<\/em>. La\u00a0[renewalparams]<\/em> se introduce randul:<\/p>\nallow_subset_of_names = True<\/em><\/p><\/blockquote>\nRevocarea certificatelor se face cu comanda:<\/p>\n
certbot revoke --cert-path \/etc\/letsencrypt\/archive\/marinelvis<\/span>.ro<\/span>\/cert1.pem<\/pre>\n","protected":false},"excerpt":{"rendered":"Se actualizeaza sursele: apt update Se instaleaza Certbot: apt install -y python3-certbot-apache certbot –apache Certbot genereaza certificatele localizate in \/etc\/letsencrypt\/live\/marinelvis.xyz\/ a. HTTP Challenge validation Se opreste serverul Apache apoi se genereaza certificatul: systemctl stop apache2.service certbot certonly –standalone -d marinelvis.ro -d marinelvis.ro b. Obtinerea certificatelor Let’s Encrypt cu wildcard Se opreste serverul Apache\u00a0apoi se genereaza […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-322","post","type-post","status-publish","format-standard","hentry","category-fara-categorie"],"_links":{"self":[{"href":"https:\/\/marinelvis.xyz\/index.php\/wp-json\/wp\/v2\/posts\/322","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/marinelvis.xyz\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/marinelvis.xyz\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/marinelvis.xyz\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/marinelvis.xyz\/index.php\/wp-json\/wp\/v2\/comments?post=322"}],"version-history":[{"count":0,"href":"https:\/\/marinelvis.xyz\/index.php\/wp-json\/wp\/v2\/posts\/322\/revisions"}],"wp:attachment":[{"href":"https:\/\/marinelvis.xyz\/index.php\/wp-json\/wp\/v2\/media?parent=322"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/marinelvis.xyz\/index.php\/wp-json\/wp\/v2\/categories?post=322"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/marinelvis.xyz\/index.php\/wp-json\/wp\/v2\/tags?post=322"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}