Langkah 1
# sudo apt-get install snapd
# sudo apt-get remove certbot
# sudo snap install --classic certbotLangkah 2
# sudo systemctl stop haproxy
# sudo certbot certonly --standalonePada proses diatas ikuti langkah yang di intruksikan, masukan email serta nama domain yang akan di install SSL. Jika sukses maka akan muncul keterangan seperti dibawah
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/ha.dapurit.com/fullchain.pem
Key is saved at: /etc/letsencrypt/live/ha.dapurit.com/privkey.pem
This certificate expires on 2022-10-23.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-leLangkah 3
# sudo cat "/etc/letsencrypt/live/ha.dapurit.com/fullchain.pem" "/etc/letsencrypt/live/ha.dapurit.com/privkey.pem" > "/etc/ssl/ha.dapurit.con.pem"Langkah 4
# sudo nano /etc/haproxy/haproxy.cfgLalu tambahkan rule berikut
bind 0.0.0.0:443 ssl crt /etc/ssl/ha.dapurit.com.pem <-- sesuikan dengan directory sertifikat SSL
http-request redirect scheme https unless { ssl_fc } <-- ini adalah rule agar akses domain otomatis redirect ke httpsLangkah 5
# sudo systemctl start haproxyDan cek apakah SSL sudah berhasil atau belum melalui browser anda, Jika sukses hasilnya akan seperti ini
Dari hasil diatas, bisa dilihat bahwa installasi SSL pada domain sudah sukses.
Leave a Reply