අද මම කියල දෙන්නේ apache වල virtual host එකක් හදල free SSL certificate එකක් දාන විදිය
ssl දන්නා කලින් ඔයාල mod ssl install කරගන්න ඕන මේ විදියට.
[root@test]# yum install mod_ssl
අපි free SSL දාන්නේ letsencrypt වලින්. එකට අපි GIT install කරගෙන එකේ clone එකක් හදාගමු අපේ host එකේ
[root@test]# yum install git [root@test]# sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt [root@test]# cd /opt/letsencrypt [root@test letsencrypt]# sudo -H ./letsencrypt-auto certonly --standalone -d test.sysadmin.lk Creating virtual environment... Installing Python packages... Installation succeeded. Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator standalone, Installer None Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): inbox@sysadmin.lk - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (A)gree/(C)ancel: a - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing, once your first certificate is successfully issued, to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: n Obtaining a new certificate Performing the following challenges: http-01 challenge for test.sysadmin.lk Waiting for verification... Cleaning up challenges IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/test.sysadmin.lk/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/test.sysadmin.lk/privkey.pem Your cert will expire on 2021-02-03. To obtain a new or tweaked version of this certificate in the future, simply run letsencrypt-auto again. To non-interactively renew *all* of your certificates, run "letsencrypt-auto renew" - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
ඊට පස්සේ කරන්න තියෙන්නේ ඔයාගේ domain එකට අදාලව virtual host එකක් හදල එක මෙතනට /etc/httpd/conf.d/ දාන එක.
මම sample එකක් දානවා ඒක download කරගෙන ඔයාට ඕන විදියට වෙනස් කරලා upload කරන්න.
sample : Apache Virtual Host
මතක ඇතුව certificate එකේ path එක හරියට update කරන්න. නැත්නම් apache service restart කරට පස්සේ start වෙන එකක් නෑ.
දැන් ඔයාගේ වෙබ් එකට ගිහින් බලන්න එකේ SSL certificate එකත් එක්ක secure site එක බලාගන්න පුළුවන්.
මොනවත් ප්රශ්නයක් අවොත් apache log එක බලන්න එකේ හේතුව හොයාගන්න පුළුවන්. මෙතන මොනවහරි අපැහැදිලි දෙයක් තියෙනවනම් youtube එකේ මගේ video එක බලන්න එතකොට පැහැදිලි වෙයි.
මේ වගේ ගොඩක් දේවල් ඉගෙනගන්න අපේ youtube channel එක subscribe කරලා තියාගන්න අමතක කරන්න එපා 
youtube channel: https://www.youtube.com/channel/UCa4SYOgJK_lZBiNnGY3TF4Q
