On 29 May 2025 at 18:08, Todd Zullinger wrote: Date sent: Thu, 29 May 2025 18:08:14 -0400 From: Todd Zullinger <t...@pobox.com> To: users@lists.fedoraproject.org Subject: Re: How to setup certs for https access for Fedora 42? Send reply to: Community support for Fedora users <users@lists.fedoraproject.org>
> Barry wrote: > > > > > >> On 29 May 2025, at 16:38, Michael D. Setzer II via users > >> <users@lists.fedoraproject.org> wrote: > >> > >> No need to setup a Virtual Host. Don't know why they don't list this > >> option. > > > > My guess is because almost everyone uses VirtualHost sections. > > And chage the file there means you now have to track future > changes to it yourself rather than picking them up via the > normal package updates. > Don't understand this? Looked at another Fedora system that has httpd installed, but never setup. I also the VirtualHost options all commented out by default? So why would installing updates break things. If that is what the default should be, then why isn't the VirtualHost setup as the default configuration rather than being commented out? Had tried the certbot run --apache option in past, but it came up with unknown certificate provider message. Know one can create many virtual host on a machine, but been doing simple setup going back to redhat 9, and then Fedora Core 1 to Fedora 42 now. Had it on SCO and Unixware before that. The changes are mostly to commented lines? diff ssl.conf ssl.conf.sav 59,60c59,60 < DocumentRoot "/var/www/html" < ServerName setzco.dyndns.org:443 --- > #DocumentRoot "/var/www/html" > #ServerName www.example.com:443 101c101 < SSLCertificateFile /etc/letsencrypt/live/setzco.dyndns.org/cert.pem --- > SSLCertificateFile /etc/pki/tls/certs/localhost.crt 109c109 < SSLCertificateKeyFile /etc/letsencrypt/live/setzco.dyndns.org/privkey.pem --- > SSLCertificateKeyFile /etc/pki/tls/private/localhost.key 118c118 < SSLCertificateChainFile /etc/letsencrypt/live/setzco.dyndns.org/chain.pem --- > #SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt > It's simply not the right way to make such changes. It's > your system, so you're free to do it however you want, but > it's a good thing that Let's Encrypt doesn't recommend that > course of action. Perhaps will check it out on one of my other machines. Only have 11 used webpages with some php and mariadb databases. > > -- > Todd > +------------------------------------------------------------+ Michael D. Setzer II - Computer Science Instructor (Retired) mailto:mi...@guam.net mailto:msetze...@gmail.com mailto:msetze...@gmx.com Guam - Where America's Day Begins G4L Disk Imaging Project maintainer http://sourceforge.net/projects/g4l/ +------------------------------------------------------------+
-- _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
