Bug 15303 Letsencrypt option for Debian package installations
New option koha-create --letsencrypt
- installs the letsencrypt package if needed
- creates <instance>
- generates letsencrypt certificates for <instance>
- sets up a https-only website for <instance>
- redirects http to https for <instance>
! you need to enable jessie backports to install letsencrypt: add
deb http://http.debian.net/debian jessie-backports main contrib non-free
to your /etc/apt/sources.list
! this patch uses the letsencrypt staging server
to create real certificates, apply thy "LE production server" patch
Test plan:
- build a debian package with patch applied
- use apache mod_ssl
sudo a2enmod ssl
- make sure the machine is accessible on 80 (needed for letsencrypt) and 443 from the internet
- install koha with your new package
- Put your (existing) domain options in /etc/koha/koha-sites.conf
- use koha-create with the new options:
sudo koha-create --create-db --letsencrypt <instance>
- if you do not have the letsencrypt package installed, you will be prompted to do that
[
if there is no package available, a symlink to the git checkout will work:
on your test server, get letsencrypt via git
git clone https://github.com/letsencrypt/letsencrypt
create a symlink from /usr/bin/letsencrypt to letsencrypt-auto
sudo ln -s /path/to/letsencrypt/letsencrypt-auto /usr/bin/letsencrypt
]
- wait until setup is finished, check that you got a working OPAC and staff client with certificates
- check that http redirects to https
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
projects / koha.git / commit