Search This Blog

Automatic certificate renewal with Let's Encrypt

 

Automatic certificate renewal with Let's Encrypt

Recently, as a number of domestic manufacturers such as Tencent Cloud and Alibaba Cloud have adjusted the free SSL certificate period from 1 year to 90 days, it has brought a lot of trouble to maintenance. Originally, SSL certificates only needed to be updated once a year, but now they need to be updated 4 times a year, which is really too troublesome.

So I looked for a service that could automatically update SSL certificates for free, that is, Let's Encrypt with Certbot to automatically update certificates.

First, let me introduce these two services:

What is Let’s Encrypt

Let's Encrypt is a certificate authority (CA) that provides free SSL/TLS certificates. It was founded by the non-profit organization Internet Security Research Group (ISRG) to improve the security and privacy protection of the Internet.

Using SSL/TLS certificates can encrypt the communication between your website and users, and protect your users from security threats such as man-in-the-middle attacks. In the past, obtaining SSL/TLS certificates required a certain fee and a relatively cumbersome configuration process, which limited many small websites and personal blogs to use SSL/TLS certificates.

Let's Encrypt provides an automated certificate issuance process that makes it easy to obtain free SSL/TLS certificates while reducing the complexity of configuration. Unlike traditional commercial CAs, Let's Encrypt certificates are only valid for 90 days, but can be extended through an automated renewal process, making certificate management more convenient.

The free and easy-to-use Let's Encrypt certificates have been widely recognized and supported, and have become one of the preferred certificate authorities for many website administrators.

What is Certbot?

Certbot is a free and open source software tool for automating the use of Let's Encrypt certificates to enable HTTPS on manually managed websites .

Certbot is produced by the Electronic Frontier Foundation (EFF), a 501(c)3 nonprofit organization based in San Francisco, California, dedicated to defending digital privacy, free speech, and innovation.

How to apply for a free SSL certificate

1. First, open  the Certbot  website and select our operating system and running web server software:

Image [1] - Automatically renew certificates using Let's Encrypt - Rich Magazine

2. Log in to the server via SSH and install snapd:

Install snapd through the following command line:

sudoaptupdatesudoaptinstallsnapd

3. Remove certbot-auto and any Certbot OS packages

If you installed any Certbot packages  using your OS package manager (such as  apt, , dnf or  ), remove them before installing the Certbot snap to ensure that when you run the command  you use the snap and not the installation from your OS package manager. The specific command to do this depends on your operating system, but common examples are  , ,  or  .yumcertbotsudo apt-get remove certbotsudo dnf remove certbotsudo yum remove certbot

4. Install Certbot

Install Certbot by executing the following command:

sudosnapinstall --classiccertbot

5. Set up a soft link for the Certbot command

Set up a soft link to the Certbot command by executing the following command:

sudoln -s/snap/bin/certbot/usr/bin/certbot

6. Obtain and install the installation certificate

Run the following command to obtain a certificate and have Certbot automatically edit your nginx configuration to serve, enabling HTTPS access in one step:

sudocertbotcertonly --nginx

The Certbot package on your system comes with a cron job or systemd timer that automatically renews certificates before they expire.

After that, when we visit the website, we can see that https access has been automatically enabled, and the maintenance is automated. The certificate is automatically renewed upon expiration, eliminating the trouble of manual maintenance. Isn’t it great 👍?

at
Labels: ,

Free domain name US.KG registration supports access to CF, valid for 1 year, free extension

 

Image [1] - Free domain name US.KG registration supports access to CF, valid for 1 year, free extension available - Rich Magazine

The information that the US.KG domain name is operated and held by the DigitalPlat Foundation provides us with an understanding of the background and operator of the domain name. The following is a detailed analysis and interpretation of this information:

  1. Operator and owner :
    • The US.KG domain is operated and owned by the DigitalPlat Foundation, which means that the foundation is responsible for the management, maintenance, and allocation of the domain.
  2. Features :
    • The mission of this domain is to provide free domain names to any person or organization . This is a very attractive feature since many domain name registrars usually charge a fee for it.
  3. Domain name attributes :
    • .KG is the national domain name of Kyrgyzstan and a type of overseas domain name. This means that although it is the top-level domain name of Kyrgyzstan, it can be registered and used worldwide.
  4. Free Registration Policy :
    • Each account can register 3 subdomains for free . This is a very generous policy that provides many individuals and organizations with the opportunity to obtain free domain names.
    • The domain name is valid for 1 year, which means that after registration, users can use the domain name for free for one year.
    • Free renewal is available 180 days in advance. This is an important feature as it allows users to renew their domain name with plenty of time before it expires, thus avoiding the loss of the domain name.

Registered Address

https://register.us.kg/auth/login?next=/panel/main

Supported domain names

***.us.kg

Brief steps
1, visit the registration address, enter your email address and password. Submit registration

2. Check your mailbox (check the trash), click the link to activate your account

3. After the account is successfully activated, visit the console. If KYC verification appears, enter your name and country (use a search engine to find photos?) and submit it directly.

4. Click Register Domain Name, select the domain name prefix you want and check if it is available. If it is available, just fill in the NS record and register.

Image [2] - Free domain name US.KG registration supports access to CF, valid for 1 year, free extension available - Rich Magazine

When registering a domain name, you must fill in the NS record. You can fill in the NS of the following CF (NS can be modified)

  • ray.ns.cloudflare.com
  • alina.ns. cloud flare.com

5. After the domain name is successfully registered, you can access the CF platform and add the domain name

Image [3] - Free domain name US.KG registration supports access to CF, valid for 1 year, free extension available - Rich Magazine

Final summary

A few important tips about US.KG free domain name:

  1. Unable to receive mail : The official postal service may be unstable at present. If you encounter the problem of not receiving mail, it is recommended to wait for a while and try again, because the service may be being restored or adjusted.
  2. DNS service : In addition to CloudFlare, you can also choose other DNS services to configure your US.KG domain name. This provides users with more choices and flexibility.
  3. Domain name validity and extension : Each registered US.KG domain name is valid for one year. Within 180 days before the domain name expires, you can extend it for free to ensure the continued use of the domain name.
  4. Friendly reminder : It should be noted that free domain names usually do not provide any guarantee or support, so it is not recommended to use them for important online environments. For production environments or critical applications, it is recommended to use paid, supported domain name services.
at
Labels: ,

Tutorial on installing Google Service Framework GMS Google Play on Huawei mobile phone HarmonyOS 4.2 latest version

 

Image [1] - Huawei mobile phone Hongmeng 4.2/HarmonyOS 4.2 latest version installation Google Service Framework GMS Google Play tutorial (latest test available) - Rich Magazine

Tutorial Statement】

This tutorial uses the method of restoring the official backup file to install the software , and does not involve system cracking .

The Android systems of domestic mobile phone brands such as Xiaomi, OPPO and Vivo have built-in Google's GMS basic framework and do not violate China's current policies.

This tutorial aims to help Hongmeng system users who have application needs such as working or studying abroad to install the Google GMS basic framework. It does not involve illegal network services such as VPN.

Reminder: Before installing Google Framework, it is recommended to close the App Clone, such as WeChat dual opening, because some friends have reported that installing Google Framework with App Dual Opening may cause errors. Therefore, it is recommended to close the App Clone when installing Google Framework. After the Google Framework is installed, open the App Clone, WeChat dual opening, etc., and you can use it normally.

Demonstration operation video

If the video fails to play, please refresh and try again!
Download address of mobile Google framework installation file mobile6:

Main site download 1

Latest tests of the above methods are available.

at
Labels: , ,
Subscribe to: Posts (Atom)