Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
Read More & Register today!
SOLVED

Regarding renewing the SSL certs automatically in author and publish instances.

Avatar

Level 3
Level 3
10/9/19 2:29:06 AM

Hi All,

We have enabled https 8443 port on both Author and Publish instances but while creating certificates we have mentioned 365 days now it got expired so we need to renew it. I need to automate the process by using Let's encrypt or Certbot but I am not sure how to implement it using those tools.

Please share the steps with any if any available.

Thanks,

Nagesh

Views

3.5K

Replies

7
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Employee Advisor
Employee Advisor
10/10/19 7:54:54 AM

If you can live with the fact, that the connection between dispatcher and AEM is unencrypted, you can just use the standard tools to keep the webserver certificate uptodate (the one which is end-user facing).

View solution in original post

Views

2.3K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
7 Replies

Avatar

Employee Advisor
Employee Advisor
10/9/19 5:27:48 AM

Not sure about the certificate creation but for upload to AEM, you can use a CURL command similar to below. More details at [1]

curl -u user:password -F "keystorePassword=password" -F "keystorePasswordConfirm=password" -F "truststorePassword=password" -F "truststorePasswordConfirm=password" -F "privatekeyFile=@localhostprivate.der" -F "certificateFile=@localhost.crt" -F "httpsPort=8443" http://host:port/libs/granite/security/post/sslSetup.html

[1] SSL By Default

Views

2.0K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Employee
Employee
10/9/19 6:30:37 AM

Are you assuming a new certificate is already generated to upload ?

Views

2.2K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 3
Level 3
10/9/19 6:42:02 AM

Hi, I have an idea on how to create certs and uploading the certs to instance but i need to automate the renewal process instead of recreating and uploading, etc. Please refer Let's Encrypt Project.

Thanks,

Nagesh

Views

2.3K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 1
Level 1
10/9/19 8:43:34 AM

You can setup a cron job to automatically renew SSL certificates.

More details here : https://www.onepagezen.com/letsencrypt-auto-renew-certbot-apache/

Views

2.0K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Employee
Employee
10/9/19 10:58:49 AM

OOTB AEM does not have an SSL "automate the renewal process". I think that if you manage to automate SSL auto-renewal with Let's Encrypt Project", then with a curl script suggested by Jaideep you can achieve the last step of upload new cert to AEM.

Views

2.2K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 3
Level 3
10/10/19 4:26:17 AM

Thanks for the information.  I have a query that everytime will it create new certs or renews the certs.

Views

2.3K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Employee Advisor
Employee Advisor
10/10/19 7:54:54 AM

If you can live with the fact, that the connection between dispatcher and AEM is unencrypted, you can just use the standard tools to keep the webserver certificate uptodate (the one which is end-user facing).

Views

2.3K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
How to migrate JTW to OAuth2 and use it in the Jenkins pipeline?

Views

50

Likes

0

Replies

3
I have a component based on show-hide in AEM. can any one help on this

Views

30

Likes

0

Replies

1
Regarding User Roles and Permissions API of Adobe commerce

Views

38

Likes

0

Replies

0
How to customize the positioning of foundation.validation.validator error message?

Views

86

Likes

0

Replies

4
Redirection Not working specific pages in Dispatcher server

Views

85

Likes

0

Replies

1