[Check_mk (english)] check-mk with let's encrypt

Archive checkmk-en
7

Hi Marc,

I edited the /etc/apache2/sites-available/000-default.conf

     ServerName monitoring.mydomain.tld
     ServerAlias monitoring.myotherdomain.tld monitoring.anotherone.tld

To check which site is active and where to find it do a ls -l in /etc/apache2/sites-enabled e.g.

     lrwxrwxrwx 1 root root 35 Okt 1 16:40 000-default.conf -> ../sites-available/000-default.conf

That is all I did, hope that helps.

Julian

···

On 13.10.2016 16:58, Marc Bruell wrote:

Hi Julian,

You wrote:

    Before requesting the cert, set server-name and server-alias in
    /etc/apache/sites-available/yoursitename

In my install, there's only the default apache sites-available entries. Installing omd and check_mk didn't create any additional entries there, nor did it modify the defaults. The apache config that's referenced when I grep running processes for apache is:

/omd/sites/mysite/etc/apache/apache.conf

ServerName is specified as: 127.0.0.1
and example.com <http://example.com> is commented out (otherwise I'd try editing that to reflect my server name, and uncommenting it).

I tried to run the letsencrypt installer anyway, hoping it would find what it needed, but it failed.

Did you create another entry in sites-availble, or did you modify the default install, so that one got created there, or did you do something else entirely?

Thanks,

Marc

PS: I plan to run this internally, but we have found that let's encrypt didn't work unless the server was available in our dmz, so we typically put them there for the let's encrypt install, and then move them back to our internal zone once they've been verified.

On Fri, Oct 7, 2016 at 7:58 AM, Marc Bruell <mbruell@rfschools.com > <mailto:mbruell@rfschools.com>> wrote:

    Thanks - I found these instructions shortly after posting, but am
    not sure which sites-available conf file I need to edit.

    I used the default install of OMD, and that didn't create an
    additional entry in /etc/apache2/sites-available. Do I need to run
    omd configure - and change from Basic to WebGUI? I found this
    file: /omd/sites/mysitename/etc/apache/apache.conf, which uses
    "own" as the setting in WebGUI, and uses the loopback address (and
    mod_proxy).

    Thanks,

    Marc

    On Thu, Oct 6, 2016 at 3:16 PM, JJX <ubuntu@speluncula.de > <mailto:ubuntu@speluncula.de>> wrote:

        Hi Marc,

        I am using check-mk 1.2.8p11 on lts 16.04.1 with Let's
        Encrypt. I followed this instructions:
        Certbot
        <Certbot; it works for me.
        Before requesting the cert, set server-name and server-alias
        in /etc/apache/sites-available/yoursitename

        Julian

        On 06.10.2016 23:05, Marc Bruell wrote:

            Hi,

            I'm just getting started with check-mk, and so far it
            looks great. I'd like to configure apache to use SSL for
            the site, and would like to to use Let's Encrypt to do so.

            Do you have any documentation on how to do this? I'm using
            ubuntu server 16.04.1, and Check-mk 1.2.8p11

            Thank you,

            Marc

            _______________________________________________
            checkmk-en mailing list
            checkmk-en@lists.mathias-kettner.de
            <mailto:checkmk-en@lists.mathias-kettner.de>
            http://lists.mathias-kettner.de/mailman/listinfo/checkmk-en
            <http://lists.mathias-kettner.de/mailman/listinfo/checkmk-en&gt;

        _______________________________________________
        checkmk-en mailing list
        checkmk-en@lists.mathias-kettner.de
        <mailto:checkmk-en@lists.mathias-kettner.de>
        http://lists.mathias-kettner.de/mailman/listinfo/checkmk-en
        <http://lists.mathias-kettner.de/mailman/listinfo/checkmk-en&gt;