[LON-CAPA-admin] certbot renew on Ubuntu 16 AND https only question

Moore, Nathan T nmoore at winona.edu
Sun Mar 10 21:19:10 EDT 2019

I have loncapa running on an Azure/Linux/Ubuntu 16 vm for the domain loncapa.winona.edu.

In December, with lots of help from Stuart, I got certbot up and running on the machine.  Certbot provides a free SSL certificate, which is required for https.

Last week, I tried to renew my ssl certificate with certbot.  "certbot renew" failed.

The proper way (I learned today) to renew your certbot certificate in Ubuntu 16 is to include the following command-line arguments:

     certbot run -a webroot -i apache -w /home/httpd/html/ -d loncapa.winona.edu

Now, question:  Right now my loncapa site accepts http or https connections.  Since certbot seems to be working reliably, it seems like a good idea to force redirects from http://loncapa.winona.edu to https://loncapa.winona.edu

The "hack" way of doing this is to directly edit the vhost file with the lines,
RewriteEngine on
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

Q1: I see some relevant files in /etc/apache2  Can I just edit them directly?
:/etc$ grep RewriteEngine ./apache2/loncapa*
./apache2/loncapa_apache.conf:        RewriteEngine on​
./apache2/loncapa_apache.conf:      RewriteEngine on​
./apache2/loncapa_rewrite.conf:    RewriteEngine off​

Q2: Q1 seems like a hack approach that will be overwritten when I update.  Is there an approach within loncapa configuration that automatically writes in this redirection?

Thanks all.

- - - -

Nathan Moore

Professor of Physics

Winona State University

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.lon-capa.org/pipermail/lon-capa-admin/attachments/20190311/4e26e155/attachment.html>

More information about the LON-CAPA-admin mailing list