Excerpts from Alvaro Cornejo's message of 2018-06-04 21:18:57 -0500:
I´m trying to setup a ssl connection to Koha (using letsEncrypt certs ) so my users, admin and opac can have a secure connection.
I´ve folllowed letsEncrypt & certbot instrucctions but neither opac nor admin pages work.
I used certbot on Debian 8 to get the OPAC and staff clients to use SSL. If I recall correctly, certbot attempted to modify my Apache config file to add references to the LetsEncrypt certificate files, but I think it chose the wrong file to modify. So I hand-modified the Koha-specific config file to point to the certificates. Below is the resulting /etc/apache2/sites-available/LIB.conf. Replace LIB with the actual Koha instance name, and replace KOHA.MYLIBRARY.COM with the actual hostname. Note also that I chose port 81 for the OPAC and port 82 for the staff client; you will probably need to change those numbers. # Koha instance LIB Apache config. # OPAC <VirtualHost *:81> <IfVersion >= 2.4> Define instance "LIB" </IfVersion> Include /etc/koha/apache-shared.conf # Include /etc/koha/apache-shared-disable.conf Include /etc/koha/apache-shared-opac-plack.conf Include /etc/koha/apache-shared-opac.conf ServerName KOHA.MYLIBRARY.COM SetEnv KOHA_CONF "/etc/koha/sites/LIB/koha-conf.xml" SetEnv MEMCACHED_SERVERS "127.0.0.1:11211" SetEnv MEMCACHED_NAMESPACE "koha_LIB" AssignUserID LIB-koha LIB-koha ErrorLog /var/log/koha/LIB/opac-error.log # TransferLog /var/log/koha/LIB/opac-access.log # RewriteLog /var/log/koha/LIB/opac-rewrite.log SSLCertificateFile /etc/letsencrypt/live/KOHA.MYLIBRARY.COM/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/KOHA.MYLIBRARY.COM/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf </VirtualHost> # Intranet <VirtualHost *:82> <IfVersion >= 2.4> Define instance "LIB" </IfVersion> Include /etc/koha/apache-shared.conf # Include /etc/koha/apache-shared-disable.conf Include /etc/koha/apache-shared-intranet-plack.conf Include /etc/koha/apache-shared-intranet.conf ServerName KOHA.MYLIBRARY.COM SetEnv KOHA_CONF "/etc/koha/sites/LIB/koha-conf.xml" SetEnv MEMCACHED_SERVERS "127.0.0.1:11211" SetEnv MEMCACHED_NAMESPACE "koha_LIB" AssignUserID LIB-koha LIB-koha ErrorLog /var/log/koha/LIB/intranet-error.log # TransferLog /var/log/koha/LIB/intranet-access.log # RewriteLog /var/log/koha/LIB/intranet-rewrite.log SSLCertificateFile /etc/letsencrypt/live/KOHA.MYLIBRARY.COM/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/KOHA.MYLIBRARY.COM/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf </VirtualHost>