...
Note |
---|
Prerequisites before using install-reverse-proxy: |
Open port 80 for to enable the Let’s encrypt Encrypt certbot domain-control proof-check, and
open port 443 to expose the extensions.
The
The file must contain just a valid domain, e.g.:/batm/config/hostname
file must point to the domain to be used.You must own and control a valid DNS domain,
for example,
agent86.yourcasdomain.com
The script will fail if this file is missing.
If this occurs,
create the file (with the correct contents),
restart CAS, and
run
install-reverse-proxy
again.
must resolve (to your CAS public IP).
See below: Create an “A” record
The script will fail if you cannot supply a valid DNS domain. If the script fails for this reason, then:
add the domain (e.g.
agent86.yourcasdomain.com
) to your DNS records, andrun
sudo certbot --nginx
to try again.
The
/batm/config/hostname
file must point to a that valid DNS domain ,for example,
agent86.yourcasdomain.com
must resolve (to your CAS IP).See below: Create an “A” record
The file must contain just a valid domain, e.g.:
) to your DNS recordsagent86.yourcasdomain.com
The script will fail if this file is missing. If the file is missing:
create the file (with the correct contents),
restart CAS, and
run
sudo certbot install-reverse-nginx
to tryproxy
again.
Disable version reporting in NGINX:
Edit the file:
/etc/nginx/nginx.conf
Find the line:
# server_tokens off;
Delete the leading hashtag “#” “
#
" (only the hashtag) to disable version reporting.Test the configuration and restart NGINX:
sudo nginx -t && sudo systemctl reload nginx
If the script fails for this reason, then:
add the domain (to be used.
URL path examples (replace “agent86“agent86.yourcasdomain.
com” com
" with your actual domain):
...
to permanently enable automatic certbot renewals, seeread below: Certbot Certificate Renewals
...