-
Notifications
You must be signed in to change notification settings - Fork 36
RPM installation on Alma Linux 9
grindsa edited this page Feb 11, 2023
·
2 revisions
-
Download the latest RPM package.
-
Install "Extra Packages for Enterprise Linux (EPEL)"
$ sudo yum install -y epel-release
$ sudo yum update -y
- Install the RPM packages
$ sudo yum -y localinstall /tmp/acme2certifier/acme2certifier-0.23.1-1.0.noarch.rpm
- Copy NGINX configuration file
$ cp /opt/acme2certifier/examples/nginx/nginx_acme_srv.conf /etc/nginx/conf.d
- Copy NGINX ssl configuration file (optional)
$ cp /opt/acme2certifier/examples/nginx/nginx_acme_srv_ssl.conf /etc/nginx/conf.d
- Create a configuration file
acme_srv.cfg
in/opt/acme2certifier/acme_srv/
or use the example stored in the examples directory - Modify the configuration file according to you needs
- Configure the CA handler according to your needs. Example for Insta Certifier
- Enable and start the acme2certifier service
$ systemctl enable acme2certifier.service
$ systemctl start acme2certifier.service
- Enable and start the nginx service
$ systemctl enable nginx.service
$ systemctl start nginx.service
- Test the server by accessing the directory resource
$ curl http://<your server name>/directory
{"newAccount": "http://127.0.0.1:8000/acme_srv/newaccount", "fa8b347d3849421ebc4b234205418805": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "http://127.0.0.1:8000/acme_srv/key-change", "newNonce": "http://127.0.0.1:8000/acme_srv/newnonce", "meta": {"home": "https://github.com/grindsa/acme2certifier", "author": "grindsa <[email protected]>"}, "newOrder": "http://127.0.0.1:8000/acme_srv/neworders", "revokeCert": "http://127.0.0.1:8000/acme_srv/revokecert"}
- Try to enroll a certificate by using your favourite acme-client. If something does not work enable debugging in
/opt/acme2certifier/acme_srv/acme_srv.cfg
and check/var/log/messages
for errors.