On 29 May 2025 at 18:08, Todd Zullinger wrote:
Date sent: Thu, 29 May 2025 18:08:14 -0400
From: Todd Zullinger <tmz@xxxxxxxxx>
To: users@xxxxxxxxxxxxxxxxxxxxxxx
Subject: Re: How to setup certs for https access for Fedora 42?
Send reply to: Community support for Fedora users <users@xxxxxxxxxxxxxxxxxxxxxxx>
> Barry wrote:
> >
> >
> >> On 29 May 2025, at 16:38, Michael D. Setzer II via users <users@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
> >>
> >> No need to setup a Virtual Host. Don't know why they don't list this
> >> option.
> >
> > My guess is because almost everyone uses VirtualHost sections.
>
> And chage the file there means you now have to track future
> changes to it yourself rather than picking them up via the
> normal package updates.
>
Don't understand this? Looked at another Fedora system that has
httpd installed, but never setup. I also the VirtualHost options all
commented out by default? So why would installing updates break
things.
If that is what the default should be, then why isn't the VirtualHost
setup as the default configuration rather than being commented
out?
Had tried the certbot run --apache option in past, but it came up
with unknown certificate provider message.
Know one can create many virtual host on a machine, but been
doing simple setup going back to redhat 9, and then Fedora Core 1
to Fedora 42 now. Had it on SCO and Unixware before that.
The changes are mostly to commented lines?
diff ssl.conf ssl.conf.sav
59,60c59,60
< DocumentRoot "/var/www/html"
< ServerName setzco.dyndns.org:443
---
> #DocumentRoot "/var/www/html"
> #ServerName www.example.com:443
101c101
< SSLCertificateFile /etc/letsencrypt/live/setzco.dyndns.org/cert.pem
---
> SSLCertificateFile /etc/pki/tls/certs/localhost.crt
109c109
< SSLCertificateKeyFile /etc/letsencrypt/live/setzco.dyndns.org/privkey.pem
---
> SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
118c118
< SSLCertificateChainFile /etc/letsencrypt/live/setzco.dyndns.org/chain.pem
---
> #SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
> It's simply not the right way to make such changes. It's
> your system, so you're free to do it however you want, but
> it's a good thing that Let's Encrypt doesn't recommend that
> course of action.
Perhaps will check it out on one of my other machines. Only have
11 used webpages with some php and mariadb databases.
>
> --
> Todd
>
+------------------------------------------------------------+
Michael D. Setzer II - Computer Science Instructor (Retired)
mailto:mikes@xxxxxxxx
mailto:msetzerii@xxxxxxxxx
mailto:msetzerii@xxxxxxx
Guam - Where America's Day Begins
G4L Disk Imaging Project maintainer
http://sourceforge.net/projects/g4l/
+------------------------------------------------------------+
-- _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
