[ https://issues.apache.org/jira/browse/OFBIZ-7928?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jacques Le Roux reopened OFBIZ-7928: ------------------------------------ I reopen this still does not work. I plan to have a look, not sure when yet... > Use "Let's encrypt" for OFBiz demos SSL/TLS certificates > -------------------------------------------------------- > > Key: OFBIZ-7928 > URL: https://issues.apache.org/jira/browse/OFBIZ-7928 > Project: OFBiz > Issue Type: Task > Reporter: Jacques Le Roux > Assignee: Pierre Smits > Fix For: Release Branch 13.07, Trunk, Release Branch 16.11 > > > This is a transtion from INFRA-11960 > {quote} > After some tries, I have finally decided to adapt and use > http://blog.ivantichy.cz/blogpost/view/74 which is the most convenient way > for OFBiz > Since we need to use SANs (for demo-trunk-ofbiz.apache.org, > demo-stable-ofbiz.apache.org and demo-old-ofbiz.apache.org which are actually > OFBiz instances using different set of ports), I will try to use "-d > ofbiz-vm.apache.org" as 1st "-d" argument and if that does not work I'll > simply use the "-d" parameter with the other sub-domains only. What I > actually need is a renewable certificate in the OFBiz Java keystore > (ofbiz.jks) with the SANs present. From my experiences, the (adapted) script > above should provide me that. > {quote} > Maybe another possibility would be to install our own HTTPS and use the > instructions provided by Sam Ruby in INFRA-11960. I have to balance the work > with adapting the script I refered to above. > {quote} > The EFF has published new instructions: > https://certbot.eff.org/#ubuntutrusty-apache > FWIW, I had no problem moving from whimy-vm2 to whimsy-vm3. I've now got > certs for a second machine (ghmon-vm). Here's the puppet instructions to > download certbot, create a cronjob, and add use the certificates with Apache > httpd: > https://github.com/apache/infrastructure-puppet/pull/107/commits/8fea8223f398a77e67173c1b0c1b06b80fe576b0 > Once this is deployed, all that is left is running a single command: > certbot-auto -d host1.apache.org -d host2.apache.org... and answering two > prompts (you need to provide an email address and to indicate that you have > read the terms of service). > {quote} -- This message was sent by Atlassian JIRA (v6.3.15#6346)