|
|
@@ -107,18 +107,65 @@ Route::get('/testx', function () {
|
|
|
$domainKeyPair = $keyPairGenerator->generateKeyPair();
|
|
|
|
|
|
// This is the private key
|
|
|
- var_dump($domainKeyPair->getPrivateKey()->getPem());
|
|
|
+
|
|
|
+ $storagePath = storage_path('ssl-keys-domain-test');
|
|
|
+ if (!file_exists($storagePath)) {
|
|
|
+ mkdir($storagePath, 0755, true);
|
|
|
+ }
|
|
|
+
|
|
|
+ $publicKeyPath = $storagePath . '/public-key.pem';
|
|
|
+ $privateKeyPath = $storagePath . '/private-key.pem';
|
|
|
+
|
|
|
+
|
|
|
+ file_put_contents($publicKeyPath, $domainKeyPair->getPublicKey()->getPem());
|
|
|
+ file_put_contents($privateKeyPath, $domainKeyPair->getPrivateKey()->getPem());
|
|
|
+
|
|
|
|
|
|
// Generate CSR
|
|
|
$csr = new \AcmePhp\Ssl\CertificateRequest($dn, $domainKeyPair);
|
|
|
|
|
|
-
|
|
|
$certificateResponse = $acmeClient->requestCertificate('basi-qkoto.test.multiweber.com', $csr);
|
|
|
|
|
|
-// This is the certificate (public key)
|
|
|
- var_dump($certificateResponse->getCertificate()->getPem());
|
|
|
+ $certKeyPublicPath = $storagePath . '/cert.pem';
|
|
|
+ $certKeyPrivatePath = $storagePath . '/cert-key.private.pem';
|
|
|
+ $certFullChainPath = $storagePath . '/cert-fullchain.pem';
|
|
|
+
|
|
|
+
|
|
|
|
|
|
-// For Let's Encrypt, you will need the intermediate too
|
|
|
- var_dump($certificateResponse->getCertificate()->getIssuerCertificate()->getPEM());
|
|
|
+ file_put_contents($certKeyPrivatePath, $certificateResponse->getCertificate()->getPem());
|
|
|
+ file_put_contents($certKeyPublicPath, $certificateResponse->getCertificate()->getPublicKey()->getPem());
|
|
|
+ file_put_contents($certFullChainPath, $certificateResponse->getCertificate()->getIssuerCertificate()->getPem());
|
|
|
|
|
|
+
|
|
|
+ //sudo apachectl configtest
|
|
|
});
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+//
|
|
|
+//<VirtualHost *:443>
|
|
|
+// SSLEngine on
|
|
|
+//
|
|
|
+// SSLCertificateFile /home/basi-qkoto/.acmephp/master/certs/basi-qkoto.test.multiweber.com/public/cert.pem
|
|
|
+// SSLCertificateKeyFile /home/basi-qkoto/.acmephp/master/certs/basi-qkoto.test.multiweber.com/private/key.private.pem
|
|
|
+//
|
|
|
+// # enable HTTP/2, if available
|
|
|
+// Protocols h2 http/1.1
|
|
|
+//
|
|
|
+// # HTTP Strict Transport Security (mod_headers is required) (63072000 seconds)
|
|
|
+// Header always set Strict-Transport-Security "max-age=63072000"
|
|
|
+//</VirtualHost>
|
|
|
+//
|
|
|
+//# modern configuration
|
|
|
+//SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 -TLSv1.2
|
|
|
+//SSLHonorCipherOrder off
|
|
|
+//SSLSessionTickets off
|
|
|
+//
|
|
|
+//SSLUseStapling On
|
|
|
+//SSLStaplingCache "shmcb:logs/ssl_stapling(32768)"
|
|
|
+//
|
|
|
+//
|
|
|
+
|
|
|
+
|
|
|
+
|
Bozhidar Slaveykov