{"id":1333,"date":"2016-01-04T12:04:25","date_gmt":"2016-01-04T17:04:25","guid":{"rendered":"https:\/\/wehuberconsultingllc.com\/wordpress\/?p=1333"},"modified":"2016-01-04T12:08:30","modified_gmt":"2016-01-04T17:08:30","slug":"lets-encrypt-apache-multiple-virtual-host-files","status":"publish","type":"post","link":"https:\/\/wehuberconsultingllc.com\/wordpress\/2016\/01\/04\/lets-encrypt-apache-multiple-virtual-host-files\/","title":{"rendered":"Let’s Encrypt Apache With Multiple Virtual Host Files"},"content":{"rendered":"

Over the holidays I converted this site over to use SSL using a free SSL certificate from Let\u00e2\u20ac\u2122s Encrypt<\/a> since the folks at Digital Ocean had written a nice tutorial, How To Secure Apache with Let’s Encrypt on Ubuntu 14.04<\/a>. The problem was that the installation script partially worked. It created a SSL certificate for multiple hosts but it did not update any of the virtual hosts files. So I had to update the files manually using the template in the\u00c2\u00a0\/etc\/letsencrypt folder. To get an “A” rating from Qualys SSL Server Test<\/a> I had to download the intermediate certificate\u00c2\u00a0https:\/\/letsencrypt.org\/certificates\/<\/a>. Finally I redirected all of my encrypted traffic to the SSL site. Here is what my Apache host configuration file looks like.<\/p>\n

\r\n<virtualhost *:80>\r\nServerName mysite.com \r\nRedirect \/ https:\/\/mysite.com\/ \r\n<\/virtualhost>\r\n<virtualhost *:80>\r\nServerName www.mysite.com \r\nRedirect permanent \/ http:\/\/mysite.com\/ \r\n<\/virtualhost>\r\n<virtualhost *:443>\r\nServerName mysite.com \r\nDocumentRoot \/var\/www\/html \r\nErrorLog ${APACHE_LOG_DIR}\/error.log \r\nCustomLog ${APACHE_LOG_DIR}\/access.log combined \r\nSSLEngine on \r\n# Intermediate configuration, tweak to your needs \r\nSSLProtocol all -SSLv2 -SSLv3 \r\nSSLHonorCipherOrder on \r\nSSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA \r\nSSLCompression off \r\nSSLOptions +StrictRequire \r\nSSLCertificateFile \/etc\/letsencrypt\/live\/mysite.com\/fullchain.pem \r\nSSLCertificateKeyFile \/etc\/letsencrypt\/live\/mysite.com\/privkey.pem \r\nSSLCertificateChainFile \/etc\/letsencrypt\/lets-encrypt-x1-cross-signed.pem \r\n<\/virtualhost><\/pre>\n","protected":false},"excerpt":{"rendered":"
Over the holidays I converted this site over to use SSL using a free SSL certificate from Let\u00e2\u20ac\u2122s Encrypt since the folks at Digital Ocean had written a nice tutorial, How To Secure Apache with Let’s Encrypt on Ubuntu 14.04. The problem was that the installation script partially worked. It created a SSL certificate for … Continue reading “Let’s Encrypt Apache With Multiple Virtual Host Files”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[150],"tags":[151,152],"class_list":["post-1333","post","type-post","status-publish","format-standard","hentry","category-apache","tag-apache","tag-ssl"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p4iN3d-lv","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/posts\/1333","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/comments?post=1333"}],"version-history":[{"count":5,"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/posts\/1333\/revisions"}],"predecessor-version":[{"id":1338,"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/posts\/1333\/revisions\/1338"}],"wp:attachment":[{"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/media?parent=1333"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/categories?post=1333"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wehuberconsultingllc.com\/wordpress\/wp-json\/wp\/v2\/tags?post=1333"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}