Difference between revisions of "SSL Setup"

Step by step how-to instructions on installing and running KoBo Toolbox on a standalone server.
Jump to: navigation, search
m (Related)
(Tag: visualeditor)
(No certificates)
(Tag: visualeditor)
Line 8: Line 8:
 
Files with certificates:
 
Files with certificates:
 
* <code>new.key</code> private key, identical to old.key
 
* <code>new.key</code> private key, identical to old.key
* <code>new.crt</code> <pre style="background-color: ltgray;">Common Name: *.msf.org Subject Alternative Names: *.msf.org, msf.org Organization: Medecins Sans Frontieres Locality: Geneve State: Switzerland Country: CH Valid From: October 3, 2016 Valid To: December 6, 2019 Issuer: DigiCert SHA2 Secure Server CA Serial Number: 0d0b867650d056a849d37b03204ddd4f</pre> +  <pre style="background-color: ltgray;">Common Name: DigiCert SHA2 Secure Server CA Organization: DigiCert Inc Country: US Valid From: March 8, 2013 Valid To: March 8, 2023 Issuer: DigiCert Global Root CA Serial Number: 01fda3eb6eca75c888438b724bcfbc91</pre>
+
* <code>new.crt</code>
 
* <code>old.key</code> private key
 
* <code>old.key</code> private key
* <code>old.crt</code> <pre style="background-color: ltgray;">Common Name: *.msf.org Subject Alternative Names: *.msf.org, msf.org Organization: Medicins Sans Frontieres, Nederland Locality: Amsterdam State: 11 Country: NL Valid From: July 2, 2013 Valid To: November 2, 2016 Issuer: DigiCert SHA2 Secure Server CA Serial Number: 092dec36e451d834f3afbd1302225cf6</pre> + <pre style="background-color: ltgray;">Common Name: DigiCert SHA2 Secure Server CA Organization: DigiCert Inc Country: US Valid From: March 8, 2013 Valid To: March 8, 2023 Issuer: DigiCert Global Root CA Serial Number: 01fda3eb6eca75c888438b724bcfbc91</pre>
+
* <code>old.crt</code>
  
 
Restart:
 
Restart:
Line 19: Line 19:
  
 
==== Keys and Certificates ====
 
==== Keys and Certificates ====
[[Media:20161020_-_MSF_Kobo_SSL_Certificates.7z|20161020_-_MSF_Kobo_SSL_Certificates.7z]]
+
Please contact your administrator
  
 
==== Related ====
 
==== Related ====
 
* [[Server instance Setup]]
 
* [[Server instance Setup]]
 
* [[DNS_Setup|DNS Setup]]
 
* [[DNS_Setup|DNS Setup]]

Revision as of 10:45, 20 October 2017

A wildcard or SAN certificate+key pair valid for all three KoBo Toolbox subdomains should be set up ahead of time.

KOBO_DOCKER=/home/ate/kobo-docker/

SSL certificates are located in directory $KOBO_DOCKER/secrets/. Files in use by Kobo Docker:

  • ssl.key private key (symbolic link to file new.key)
  • ssl.crt *.msf.org certificate + digicert chain certificate (symbolic link to file new.crt)

Files with certificates:

  • new.key private key, identical to old.key
  • new.crt
  • old.key private key
  • old.crt

Restart:

cd $KOBO_DOCKER
docker-compose stop nginx && docker-compose rm -v nginx && docker-compose up -d && docker-compose logs nginx

Keys and Certificates

Please contact your administrator

Related