Bismillah,

Crontab untuk memperpanjang sertifikat gratis dari Let’s Enscript. Langkah-langkahnya adalah sebagai berikut:

  1. Non Aktfikan Apache2
  2. Aktifkan OpenBSD Htppd
  3. Jalankan acme-client untuk memperbaharui sertifikat
  4. Non Aktifkan OpenBSD Httpd
  5. Aktikan Apache2

Semoga Bermanfaat.

muhammad$ doas crontab -l
#
SHELL=/bin/sh
PATH=/bin:/sbin:/usr/bin:/usr/sbin
HOME=/var/log
#
#minute hour    mday    month   wday    command
#
# rotate log files every hour, if necessary
0       *       *       *       *       /usr/bin/newsyslog
# send log file notifications, if necessary
#1-59   *       *       *       *       /usr/bin/newsyslog -m
#
# do daily/weekly/monthly maintenance
30      1       *       *       *       /bin/sh /etc/daily
30      3       *       *       6       /bin/sh /etc/weekly
30      5       1       *       *       /bin/sh /etc/monthly
#0      *       *       *       *       sleep $((RANDOM \% 2048)) && /usr/libexec/spamd-setup


#stop apache2
0       0       *       *       *       rcctl stop apache2
1       0       *       *       *       rcctl stop apache2

# SSL certificate
5       0       *       *       *       rcctl -f restart httpd
7       0       *       *       *       acme-client muhammad.muntaza.id && rcctl reload -f httpd
10      0       *       *       *       rcctl stop httpd

#start apache2
40      0       *       *       *       rcctl restart apache2
muhammad$
muhammad$



muhammad$ cat /etc/httpd.conf
# $OpenBSD: httpd.conf,v 1.20 2018/06/13 15:08:24 reyk Exp $

server "muhammad.muntaza.id" {
        listen on * port 80
        location "/.well-known/acme-challenge/*" {
                root "/acme"
                request strip 2
        }
        location * {
                block return 302 "https://$HTTP_HOST$REQUEST_URI"
        }
}

server "muhammad.muntaza.id" {
        listen on * tls port 443
        tls {
                certificate "/etc/ssl/muhammad.muntaza.id.fullchain.pem"
                key "/etc/ssl/private/muhammad.muntaza.id.key"
        }
        location "/pub/*" {
                directory auto index
        }
        location "/.well-known/acme-challenge/*" {
                root "/acme"
                request strip 2
        }
}
muhammad$ cat /etc/rc.conf.local
pkg_scripts=postgresql apache2
muhammad$