[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Fri Dec 4 15:31:56 CET 2015


http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303

Mirko Tietgen <mirko at abunchofthings.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #45414|0                           |1
        is obsolete|                            |

--- Comment #12 from Mirko Tietgen <mirko at abunchofthings.net> ---
Created attachment 45415
  -->
http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=45415&action=edit
Bug 15303 Letsencrypt option for Debian package installations

Apache file for https only setups with automatic certificate
generation via letsencrypt. We need a workiung web server for
the letsencrypt magic, but we can't start on 443 without certs.
So we start on 80, get the certs, switch to 443 and restart
apache. 80 gets forwarded to https.

New option koha-create --force-https
- generates letsencrypt certificates
- sets up a https-only website
- redirects http to https

New option --letsencrypt
- sets the path where letsencrypt-auto lives
- default value /usr/bin, but there is no Debian package yet

Test plan:
- build a debian package with patch applied
- checkout letsencrypt on the machine where you are testing the package
  git clone https://github.com/letsencrypt/letsencrypt
- use apache mod_ssl
  sudo a2enmod ssl
- make sure the machine is accessible on 80 (needed for letsencrypt) and 443
from the internet
- install koha with your new package
- use koha-create with the new options:
  sudo koha-create --create-db --force-https --letsencrypt
/home/mirko/letsencrypt <instance>
- wait until setup is finished, check that you got a working OPAC and staff
client with certificates
  make sure to use https:// to open both sites
- check that http redirects to https

-- 
You are receiving this mail because:
You are watching all bug changes.


More information about the Koha-bugs mailing list