Renew Haproxy certs and Rabbit - jordy33/turbogears_tutorial GitHub Wiki

Stop haproxy and apache

sudo service apache2 stop
sudo service haproxy stop

Create certs

sudo certbot certonly --manual --preferred-challenges dns -d "*.dudewhereismy.com.mx"

Validate that the validation is correct:

dig TXT _acme-challenge.dudewhereismy.com.mx

Look where the new certs are located

Waiting for verification...
Cleaning up challenges

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/dudewhereismy.com.mx-0004/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/dudewhereismy.com.mx-0004/privkey.pem

In this example:

/etc/letsencrypt/live/dudewhereismy.com.mx-0004/

Copy from the new location to the certs directory:

cd /etc/letsencrypt/live/dudewhereismy.com.mx/
cp /etc/letsencrypt/live/dudewhereismy.com.mx-0004/* .

Update certs

DOMAIN='dudewhereismy.com.mx' sudo -E bash -c 'cat /etc/letsencrypt/live/$DOMAIN/fullchain.pem /etc/letsencrypt/live/$DOMAIN/privkey.pem > /etc/haproxy/certs/$DOMAIN.pem'

Rabbit directory

cd /home/wsgi/certs
cp /etc/letsencrypt/live/dudewhereismy.com.mx/cert.pem .
cp /etc/letsencrypt/live/dudewhereismy.com.mx/privkey.pem .
cp /etc/letsencrypt/live/dudewhereismy.com.mx/chain.pem ./cacert.pem

Restart Rabbit

sudo service rabbitmq-server stop
sudo service rabbitmq-server start

Start Services

sudo service apache2 start
sudo service haproxy start