Skip to content

Add Let's Encrypt installation guide for perfSONAR Toolkit#65

Merged
ShawnMcKee merged 1 commit intomasterfrom
docs/toolkit-letsencrypt
Dec 16, 2025
Merged

Add Let's Encrypt installation guide for perfSONAR Toolkit#65
ShawnMcKee merged 1 commit intomasterfrom
docs/toolkit-letsencrypt

Conversation

@ShawnMcKee
Copy link
Contributor

@ShawnMcKee ShawnMcKee commented Dec 16, 2025

Summary

Adds comprehensive Let's Encrypt SSL certificate installation and configuration instructions for perfSONAR Toolkit RPM deployments.

Changes

Documentation

  • Added Step 6: Let's Encrypt installation and configuration guide to install-perfsonar-toolkit.md
    • Prerequisites (DNS validation, port 80 access, Apache configuration)
    • Certbot installation (snap and DNF methods)
    • Certificate issuance using standalone authenticator
    • Apache SSL configuration
    • Automatic renewal setup (systemd timer and cron options)
    • Certificate expiration monitoring
    • Comprehensive troubleshooting section
  • Renumbered subsequent steps (Step 6→7→8, Step 7→8→9)

Helper Scripts

  • New: configure-toolkit-letsencrypt.sh - Configures Apache httpd (RHEL/AlmaLinux/Rocky) to use Let's Encrypt certificates
    • Validates certificate files exist
    • Backs up original Apache SSL config
    • Updates SSLCertificateFile, SSLCertificateKeyFile, and SSLCertificateChainFile directives
    • Provides verification and reload instructions

Installer Updates

  • Updated install_tools_scripts.sh to fetch configure-toolkit-letsencrypt.sh
  • Generated SHA256 checksums for new and updated files

Testing

  • Helper script validated against standard RHEL/AlmaLinux Apache configuration paths
  • Documentation reviewed for completeness and consistency
  • SHA256 checksums generated
  • Branch pushed successfully

Related

Complements existing Let's Encrypt support for container-based testpoint deployments. This PR specifically targets RPM Toolkit installations which use httpd instead of the Debian-based Apache in containers.

Checklist

  • Documentation follows existing guide structure and formatting
  • Helper script includes usage information and error handling
  • SHA256 checksums generated for verification
  • No breaking changes to existing functionality

@ShawnMcKee
docs: add Let's Encrypt installation and configuration guide for Toolkit
027c087 
- Added comprehensive Step 6 with Let's Encrypt setup instructions
- Created configure-toolkit-letsencrypt.sh helper script for RPM/Toolkit Apache config
- Updated install_tools_scripts.sh to fetch the new helper script
- Included prerequisites, installation, configuration, and renewal sections
- Added troubleshooting guide for common Let's Encrypt issues
- Renumbered subsequent steps (7→8, 8→9)
@ShawnMcKee ShawnMcKee merged commit 82689a7 into master Dec 16, 2025
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ShawnMcKee