An earlier post had noted various workarounds for renewing certificates of cloudflare proxied bitnami servers. When a new server was required now, I tried out the cloudflare-provided origin server certificate.
We get the certificate and private key from Cloudflare dashboard --> Domain --> SSL/TLS --> Origin server. We just have to ssh into the bitnami server and copy-paste the content of the certificate to server.crt and contents of the private key to server.key respectively, at /opt/bitnami/apache/conf/bitnami/certs/
This is so because the Bitnami Moodle installation already had the ssl configuration set up in the ssl conf file at at /opt/bitnami/apache/conf/
Edit: 10 Feb 2023 - on a fresh bitnami moodle install, just doing the above was causing bitnami services to not start up after a restart. An additional step - I needed to save the root certificate as
/opt/bitnami/apache/conf/server-ca.crt
as mentioned at serial number (4.) at
https://developers.cloudflare.com/ssl/origin-configuration/origin-ca
and linked from that page.
No comments:
Post a Comment