On Sun, Jul 03, 2022 at 08:52:51PM +0900, Jacques Deguest wrote: > Re, > You're probably going to need a DocRoot directive somewhere though. > You might want to check the sanity of your configuration with Apache > command line -t flag >
✓✓✓✓✓✓✓ > On 2022/07/03 19:32, Jacques Deguest wrote: > >Sure, comment out all the perl stuff that are not required for > >certbot to work, run something like: > >certbot certonly --rsa-key-size 4096 --agree-tos --email > >yongw...@gmail.com -d luck.cloudcache.net > >Get the cert, and then after uncomment what you previously > >commented out. It should work. > > > >Regards, > >Jacques > > > >On 2022/07/03 19:29, Yong Walt wrote: > >>This is my httpd.conf. > >> > >><VirtualHost *:80> > >> > >>ServerAdmin webmaster@localhost > >> > >>ServerName luck.cloudcache.net <http://luck.cloudcache.net> > >> > >>PerlPostConfigRequire /etc/apache2/modperl/startup.pl <http://startup.pl> > >> > >> > >><Location /> > >> > >>SetHandler modperl > >> > >>PerlResponseHandler LuckyNum > >> > >></Location> > >> > >> > >> > >>ErrorLog ${APACHE_LOG_DIR}/error.log > >> > >>LogLevel warn > >> > >>CustomLog ${APACHE_LOG_DIR}/luck.access.log combined > >> > >> > >></VirtualHost> > >> > >> > >> > >>How do you think I can set up the SSL? > >> > >> > >>I asked it just b/c "certbot --apache" doesn't work for this handler. > >> > >> > >>Thanks. > >> > >> > >>On Sun, Jul 3, 2022 at 6:24 PM Jacques Deguest <j...@deguest.jp> wrote: > >> > >> You do not even need to have a virtualhost with ssl enabled for > >> certbot to work. > >> You can have a simple VirtualHost responding to regular 80 port, > >> then get the ssl certificate, then add the VirtualHost for SSL > >> and all your modperl specifications to it. Something like the > >> following, and once you got the certificate, you uncomment the > >> 2nd part. > >> > >> ---- > >> <Virtualhost *:80> > >> ServerName api.example.org:80 <http://api.example.org:80> > >> ServerAdmin w...@example.org > >> DocumentRoot /var/www/api.example.org <http://api.example.org> > >> DirectoryIndex "index.html" "index.pl <http://index.pl>" > >> "index.php" > >> CustomLog "/var/log/apache2/api.example.org-access.log" combined > >> ErrorLog "/var/log/apache2/api.example.org-error.log" > >> LogLevel warn > >> <Directory "/var/www/api.example.org <http://api.example.org>"> > >> Options All +MultiViews -ExecCGI -Indexes -Includes > >> AllowOverride All > >> </Directory> > >> ScriptAlias "/cgi-bin/" > >> "/var/www/api.example.org/cgi-bin/ <http://api.example.org/cgi-bin/>" > >> <IfModule mod_alias.c> > >> Alias "/icons/" "/var/www/icons/" > >> </IfModule> > >> <IfModule mod_ssl.c> > >> RewriteEngine on > >> RewriteRule ^\/?(.*)$ https://%{SERVER_NAME}/$1 [R,L] > >> </IfModule> > >> </VirtualHost> > >> > >> # <IfModule mod_ssl.c> > >> # <VirtualHost *:443> > >> # ServerName api.example.org:443 <http://api.example.org:443> > >> # ServerAdmin w...@example.org > >> # DocumentRoot /var/www/api.example.org > >> <http://api.example.org> > >> # DirectoryIndex "index.html" "index.php" > >> # CustomLog "/var/log/apache2/api.example.org-access.log" > >> combined > >> # ErrorLog "/var/log/apache2/api.example.org-error.log" > >> # LogLevel warn > >> # <Directory "/var/www/api.example.org > >> <http://api.example.org>"> > >> # RewriteEngine Off > >> # Options All +MultiViews -ExecCGI -Indexes -Includes > >> # AllowOverride All > >> # </Directory> > >> # ScriptAlias "/cgi-bin/" > >> "/var/www/api.example.org/cgi-bin/ <http://api.example.org/cgi-bin/>" > >> # <Directory "/var/www/api.example.org/cgi-bin/ > >> <http://api.example.org/cgi-bin/>"> > >> # RewriteEngine Off > >> # Options All +Includes +ExecCGI -Indexes +MultiViews > >> # AllowOverride All > >> # SetHandler cgi-script > >> # AcceptPathInfo On > >> # Require all granted > >> # </Directory> > >> # <IfModule mod_perl.c> > >> # PerlOptions +GlobalRequest > >> # PerlPassEnv MOD_PERL > >> # PerlPassEnv HOME > >> # PerlPassEnv SERVER_NAME > >> # PerlPassEnv HTTP_HOST > >> # PerlPassEnv REMOTE_ADDR > >> # PerlPassEnv REMOTE_HOST > >> # PerlPassEnv PATH_INFO > >> # PerlPassEnv LC_MESSAGES > >> # PerlPassEnv LANGUAGE > >> # PerlModule Apache2::Request > >> # PerlModule Apache2::Status > >> # PerlModule Apache::DBI > >> # <Location /> > >> # SetHandler modperl > >> # PerlHandler Apache::Registry > >> # PerlSendHeader On > >> # PerlSetupEnv On > >> # PerlOptions +GlobalRequest > >> # Options +Includes +ExecCGI > >> # Order allow,deny > >> # Allow from all > >> # </Location> > >> # </IfModule> > >> # > >> # SSLCertificateFile > >> /etc/ssl/private/api.example.org/cert.pem > >> <http://api.example.org/cert.pem> > >> # SSLCertificateKeyFile > >> /etc/ssl/private/api.example.org/privkey.pem > >> <http://api.example.org/privkey.pem> > >> # Include /etc/ssl/options-ssl-apache.conf > >> # > >> # <IfModule mod_alias.c> > >> # Alias "/icons/" "/var/www/icons/" > >> # </IfModule> > >> # </Virtualhost> > >> # </IfModule> > >> ---- > >> > >> > >> On 2022/07/03 19:00, Yong Walt wrote: > >>> but that vhost has a modperl handler as the endpoint only. > >>> > >>> On Sun, Jul 3, 2022 at 12:19 PM Mithun Bhattacharya > >>> <mit...@gmail.com> wrote: > >>> > >>> You don't enable SSL for a endpoint you do it for a > >>> host/port combination. All endpoints under that virtual host > >>> is SSL enabled. > >>> > >>> On Sat, Jul 2, 2022, 9:01 PM Yong Walt <yongw...@gmail.com> > >>> wrote: > >>> > >>> Hello > >>> > >>> When I run certbot --apache for modperl handler service, > >>> it doesn't work. > >>> So how can I setup letsencrypt SSL for a pure handler > >>> web API? > >>> > >>> Thanks > >>> > >> > > > [-- Error: unable to create PGP subprocess! --] -- So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 http://www.mrbrklyn.com DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 http://www.nylxs.com - Leadership Development in Free Software http://www2.mrbrklyn.com/resources - Unpublished Archive http://www.coinhangout.com - coins! http://www.brooklyn-living.com Being so tracked is for FARM ANIMALS and extermination camps, but incompatible with living as a free human being. -RI Safir 2013
