Regarding renewing the SSL certs automatically in author and publish instances. | Community
Skip to main content
Nagesh_Mohan
Nagesh_Mohan
Level 2
October 9, 2019
Solved

Regarding renewing the SSL certs automatically in author and publish instances.

  • October 9, 2019
  • 7 replies
  • 4381 views

Hi All,

We have enabled https 8443 port on both Author and Publish instances but while creating certificates we have mentioned 365 days now it got expired so we need to renew it. I need to automate the process by using Let's encrypt or Certbot but I am not sure how to implement it using those tools.

Please share the steps with any if any available.

Thanks,

Nagesh

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by joerghoh

If you can live with the fact, that the connection between dispatcher and AEM is unencrypted, you can just use the standard tools to keep the webserver certificate uptodate (the one which is end-user facing).

7 replies

U
Adobe Employee
user05162Adobe Employee
Adobe Employee
October 9, 2019

Not sure about the certificate creation but for upload to AEM, you can use a CURL command similar to below. More details at [1]

curl -u user:password -F "keystorePassword=password" -F "keystorePasswordConfirm=password" -F "truststorePassword=password" -F "truststorePasswordConfirm=password" -F "privatekeyFile=@localhostprivate.der" -F "certificateFile=@localhost.crt" -F "httpsPort=8443" http://host:port/libs/granite/security/post/sslSetup.html

[1] SSL By Default

H
Adobe Employee
Hamid1350Adobe Employee
Adobe Employee
October 9, 2019

Are you assuming a new certificate is already generated to upload ?

Nagesh_Mohan
Nagesh_MohanAuthor
Level 2
October 9, 2019

Hi, I have an idea on how to create certs and uploading the certs to instance but i need to automate the renewal process instead of recreating and uploading, etc. Please refer Let's Encrypt Project.

Thanks,

Nagesh

mitp18720189
mitp18720189
October 9, 2019

You can setup a cron job to automatically renew SSL certificates.

More details here : https://www.onepagezen.com/letsencrypt-auto-renew-certbot-apache/

L
Adobe Employee
leoberliantAdobe Employee
Adobe Employee
October 9, 2019

OOTB AEM does not have an SSL "automate the renewal process". I think that if you manage to automate SSL auto-renewal with Let's Encrypt Project", then with a curl script suggested by Jaideep you can achieve the last step of upload new cert to AEM.

Nagesh_Mohan
Nagesh_MohanAuthor
Level 2
October 10, 2019

Thanks for the information.  I have a query that everytime will it create new certs or renews the certs.

joerghoh
Adobe Employee
joerghohAdobe EmployeeAccepted solution
Adobe Employee
October 10, 2019

If you can live with the fact, that the connection between dispatcher and AEM is unencrypted, you can just use the standard tools to keep the webserver certificate uptodate (the one which is end-user facing).

Terms & ConditionsAccessibility statement

Loading footer...