Please has anyone successful install on Ubuntu 20.04 fresh install certificate on bench frappe and erpnext version 13.x
I run below code
sudo bench setup wildcard-ssl erpnext.xyz --email test@example.com
But it doesn’t run and no error
I have search the forum and can’t seems to find any solution
Please anyone done or install wildcard cert, I need hint or pointer in the right direction
After using manual install and all done
and i ran
sudo certbot certificates
Found the following certs:
Certificate Name: mydomain.co
Domains: *.mydomain.co
Expiry Date: 2022 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/mydomain.co/fullchain.pem
Private Key Path: /etc/letsencrypt/live/mydomain.co/privkey.pem
am stuck at making bench or certbot apply the cert to my sub domain any help from here?
sudo bench setup wildcard-ssl erpnext.xyz still not doing anything or giving me error
PLEASE any help, anyone
THANK YOU
As I remember, some of bench commands are meant just to modify the config files.
In your case, (by assuming key/crt files are ready) just edit nginx to add TLS directives or modify to point to key/crt file location.
/etc/letsencrypt/live/mydomain.co/fullchain.pem
/etc/letsencrypt/live/mydomain.co/privkey.pem
Also, edit site config so that site URL to be https://mydomain.co
“just edit nginx to add TLS directives or modify to point to key/crt file location.”
How do I achieve this for each subdomain or can you give an example or pointer
“edit site config so that site URL to be https://mydomain.co”
For each subdomain I guess and please how to do this
The bench command doesn’t work anymore because the certbot auto had been deprecated.
The alternative is to use direct certbot command as you do.
The trick is on setting up the site_config.json (for single domain) or common_site_config.json (for wildcard).
bench setup nginx yet (this will remove the cert path from nginx.conf)bench setup nginx
For cert path insertion you can see follow these formats (choose which suit your need):
In common_site_config.json for wildcard certs:
"wildcard": {
"domain": "*.example.com",
"ssl_certificate": "/etc/letsencrypt/live/example.com/fullchain.pem",
"ssl_certificate_key": "/etc/letsencrypt/live/example.com/privkey.pem"
}
In site_config.json for site with custom domain (when there are multi domains or subdomains with each own ssl):
"domains": [
{
"domain": "site1.example.com",
"ssl_certificate": "/etc/letsencrypt/live/site1.example.com/fullchain.pem",
"ssl_certificate_key": "/etc/letsencrypt/live/site1.example.com/privkey.pem"
},
{
"domain": "site2.example.com",
"ssl_certificate": "/etc/letsencrypt/live/site2.example.com/fullchain.pem",
"ssl_certificate_key": "/etc/letsencrypt/live/site2.example.com/privkey.pem"
}
]
Thank you, this is what am asking for especially the subdomain with each own SSL will consider it later, it because can’t figure out how to have more than one individual cert that we consider wildcard,
Thank
You can keep adding subdomains whenever you add a new site.
sudo certbot certonly -a nginx -d example.com -d site1.example.com
later
sudo certbot certonly -a nginx -d site2.example.com
this will add new subdomain to the first certificate.
this is how we manage multiple sites . details here