[BUG] Update documentation Configuring SSL certificates on the Wazuh dashboard using Let’s Encrypt #363

Open
3 tasks
c-bordon opened this issue Oct 17, 2024 · 3 comments

Comments

@c-bordon
Member

Community related https://github.com/wazuh/community/issues/37203

Description

It is necessary to update the documentation "Configuring SSL certificates on the Wazuh dashboard using Let’s Encrypt". The documentation on YUM does not work on Amazon Linux 2, the distribution we are using for our AMI. It is necessary to consider the installation for this OS and validate that it works on all systems. Recommended:

https://documentation.wazuh.com/current/quickstart.html#operating-system

Task

  • Verify that the steps outlined in the documentation work on all recommended systems
  • Update documentation with changes according to each distribution
  • Test that the changes work correctly
@Ifex370
Member

Ifex370 commented Nov 18, 2024

Hi @c-bordon

We will simulate SSL configuration on Wazuh running on Amazon Linux 2 and respond to the issue.
Thanks.

@Ifex370
Member

Ifex370 commented Nov 25, 2024

Hello @c-bordon

The procedure to have this done on Amazon Linux 2 is as follows:

  1. Enable EPEL repository:
    sudo amazon-linux-extras enable epel

  2. Install EPEL repository tools:
    sudo yum install epel-release

  3. Confirm the EPEL repository is available:
    yum repolist

You should see a repo name that says "Amazon Extras repo for epel"

Install certbot

  1. Install Certbot on your Amazon Linux 2 repo using the following command:
    yum install -y certbot python3-certbot-apache

  2. Confirm the Certbot version using the command:
    certbot --version

At this point, the user can go ahead with the other parts of the configuration - Configure certbot to generate Let’s Encrypt SSL certificate

We are in the process of updating the documentation. However, we would appreciate your feedback in testing that the above works and that you can generate certificates using the installed Certbot tool.
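
Added example, not part of this thread or of the Wazuh documentation: a post-check for the install steps above. yum can complete a multi-package install while skipping a name it cannot find, and with -y it imports a repository signing key without prompting, so this script parses a saved yum transcript for both conditions. The function names and the sample transcript are constructed for illustration, and the allow-listed fingerprint is the one printed in this thread's test output, assumed to have been confirmed against the EPEL project's published key.

```shell
#!/bin/sh
# Added example: checks over a saved `yum install` transcript.
# All function names here are hypothetical helpers, not yum or Wazuh tooling.

# Constructed sample in the format yum prints on Amazon Linux 2.
SAMPLE_YUM_OUTPUT='Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
No package python3-certbot-apache available.
Resolving Dependencies
---> Package certbot.noarch 0:1.11.0-2.el7 will be installed
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
Importing GPG key 0x352C64E5:
 Fingerprint: 91e9 7d7c 4a5e 96f1 7f3e 888f 6a2f aea2 352c 64e5
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
Complete!'

# Fingerprint as shown in the thread's output, normalized to uppercase
# without spaces. Assumption: verified out of band before being pinned.
EPEL7_FINGERPRINT='91E97D7C4A5E96F17F3E888F6A2FAEA2352C64E5'

# Read a transcript on stdin; print each package name yum reported as
# unavailable ("No package NAME available."), one per line.
missing_packages() {
    sed -n 's/^No package \(.*\) available\.$/\1/p'
}

# Read a transcript on stdin; print the fingerprint of every GPG key yum
# imported, uppercase and without spaces, one per line.
imported_key_fingerprints() {
    sed -n 's/^ *Fingerprint: *//p' | tr -d ' ' | tr 'a-f' 'A-F'
}

# check_yum_transcript TRANSCRIPT [ALLOWED_FINGERPRINT ...]
# Returns 0 only if no requested package was skipped and every imported
# key is on the allow-list. Findings are written to stderr.
check_yum_transcript() {
    cyt_transcript=$1
    shift
    cyt_rc=0

    cyt_missing=$(printf '%s\n' "$cyt_transcript" | missing_packages)
    if [ -n "$cyt_missing" ]; then
        echo "packages skipped by yum: $cyt_missing" >&2
        cyt_rc=1
    fi

    for cyt_fp in $(printf '%s\n' "$cyt_transcript" | imported_key_fingerprints); do
        cyt_ok=0
        for cyt_allowed in "$@"; do
            if [ "$cyt_fp" = "$cyt_allowed" ]; then
                cyt_ok=1
            fi
        done
        if [ "$cyt_ok" -ne 1 ]; then
            echo "GPG key imported that is not on the allow-list: $cyt_fp" >&2
            cyt_rc=1
        fi
    done

    return "$cyt_rc"
}

# Demo on the constructed sample: the key is allow-listed, but one
# requested package was skipped, so the check fails.
if ! check_yum_transcript "$SAMPLE_YUM_OUTPUT" "$EPEL7_FINGERPRINT"; then
    echo "transcript needs review before continuing with certificate setup"
fi
```

On a real host, capture the transcript with `yum install -y ... 2>&1 | tee yum.log` and pass the file's contents as the first argument.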

@c-bordon
Member Author

Test

Testing in Amazon Linux 2

amazon-linux-extras enable epel

[root@ip-172-31-92-63 ~]# amazon-linux-extras enable epel
  2  httpd_modules            available    [ =1.0  =stable ]
  3  memcached1.5             available    \
        [ =1.5.1  =1.5.16  =1.5.17 ]
  9  R3.4                     available    [ =3.4.3  =stable ]
 10  rust1                    available    \
        [ =1.22.1  =1.26.0  =1.26.1  =1.27.2  =1.31.0  =1.38.0
          =stable ]
 18  libreoffice              available    \
        [ =5.0.6.2_15  =5.3.6.1  =stable ]
 19  gimp                     available    [ =2.8.22 ]
 20 †docker=latest            enabled      \
        [ =17.12.1  =18.03.1  =18.06.1  =18.09.9  =stable ]
 21  mate-desktop1.x          available    \
        [ =1.19.0  =1.20.0  =stable ]
 22  GraphicsMagick1.3        available    \
        [ =1.3.29  =1.3.32  =1.3.34  =stable ]
 24  epel=latest              enabled      [ =7.11  =stable ]
 25  testing                  available    [ =1.0  =stable ]
 26  ecs                      available    [ =stable ]
 27 †corretto8                available    \
        [ =1.8.0_192  =1.8.0_202  =1.8.0_212  =1.8.0_222  =1.8.0_232
          =1.8.0_242  =stable ]
 32  lustre2.10               available    \
        [ =2.10.5  =2.10.8  =stable ]
 34  lynis                    available    [ =stable ]
 36  BCC                      available    [ =0.x  =stable ]
 37  mono                     available    [ =5.x  =stable ]
 38  nginx1                   available    [ =stable ]
 40  mock                     available    [ =stable ]
 43  livepatch                available    [ =stable ]
 45  haproxy2                 available    [ =stable ]
 46  collectd                 available    [ =stable ]
 47  aws-nitro-enclaves-cli   available    [ =stable ]
 48  R4                       available    [ =stable ]
  _  kernel-5.4               available    [ =stable ]
 50  selinux-ng               available    [ =stable ]
 52  tomcat9                  available    [ =stable ]
 53  unbound1.13              available    [ =stable ]
 54 †mariadb10.5              available    [ =stable ]
 55  kernel-5.10=latest       enabled      [ =stable ]
 56  redis6                   available    [ =stable ]
 59 †postgresql13             available    [ =stable ]
 60  mock2                    available    [ =stable ]
 61  dnsmasq2.85              available    [ =stable ]
 62  kernel-5.15              available    [ =stable ]
 63 †postgresql14             available    [ =stable ]
 64  firefox                  available    [ =stable ]
 65  lustre                   available    [ =stable ]
 67  awscli1                  available    [ =stable ]
 68 †php8.2                   available    [ =stable ]
 69  dnsmasq                  available    [ =stable ]
 70  unbound1.17              available    [ =stable ]
 72  collectd-python3         available    [ =stable ]
† Note on end-of-support. Use 'info' subcommand.

Now you can install:
 # yum clean metadata
 # yum install epel-release

yum install epel-release

[root@ip-172-31-92-63 ~]# yum install epel-release
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
amzn2-core                                                                                                                                                                                                           | 3.6 kB  00:00:00     
amzn2extra-docker                                                                                                                                                                                                    | 2.9 kB  00:00:00     
amzn2extra-epel                                                                                                                                                                                                      | 3.0 kB  00:00:00     
amzn2extra-kernel-5.10                                                                                                                                                                                               | 3.0 kB  00:00:00     
(1/2): amzn2extra-epel/2/x86_64/updateinfo                                                                                                                                                                           |   76 B  00:00:00     
(2/2): amzn2extra-epel/2/x86_64/primary_db                                                                                                                                                                           | 1.8 kB  00:00:00     
Resolving Dependencies
--> Running transaction check
---> Package epel-release.noarch 0:7-11 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

============================================================================================================================================================================================================================================
 Package                                                     Arch                                                  Version                                             Repository                                                      Size
============================================================================================================================================================================================================================================
Installing:
 epel-release                                                noarch                                                7-11                                                amzn2extra-epel                                                 15 k

Transaction Summary
============================================================================================================================================================================================================================================
Install  1 Package

Total download size: 15 k
Installed size: 24 k
Is this ok [y/d/N]: y
Downloading packages:
epel-release-7-11.noarch.rpm                                                                                                                                                                                         |  15 kB  00:00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : epel-release-7-11.noarch                                                                                                                                                                                                 1/1 
  Verifying  : epel-release-7-11.noarch                                                                                                                                                                                                 1/1 

Installed:
  epel-release.noarch 0:7-11                                                                                                                                                                                                                

Complete!

yum repolist

[root@ip-172-31-92-63 ~]# yum repolist
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
Existing lock /var/run/yum.pid: another copy is running as pid 6790.
Another app is currently holding the yum lock; waiting for it to exit...
  The other application is: yum
    Memory : 379 M RSS (673 MB VSZ)
    Started: Tue Nov 26 18:27:59 2024 - 00:06 ago
    State  : Running, pid: 6790
Another app is currently holding the yum lock; waiting for it to exit...
  The other application is: yum
    Memory : 379 M RSS (673 MB VSZ)
    Started: Tue Nov 26 18:27:59 2024 - 00:08 ago
    State  : Running, pid: 6790
230 packages excluded due to repository priority protections
repo id                                                                                                  repo name                                                                                                                status
amzn2-core/2/x86_64                                                                                      Amazon Linux 2 core repository                                                                                               36,303
amzn2extra-docker/2/x86_64                                                                               Amazon Extras repo for docker                                                                                                   131
amzn2extra-epel/2/x86_64                                                                                 Amazon Extras repo for epel                                                                                                       1
amzn2extra-kernel-5.10/2/x86_64                                                                          Amazon Extras repo for kernel-5.10                                                                                              641
epel/x86_64                                                                                              Extra Packages for Enterprise Linux 7 - x86_64                                                                           13,561+230
repolist: 50,637

yum install -y certbot python3-certbot-apache

[root@ip-172-31-92-63 ~]# yum install -y certbot python3-certbot-apache
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
230 packages excluded due to repository priority protections
No package python3-certbot-apache available.
Resolving Dependencies
--> Running transaction check
---> Package certbot.noarch 0:1.11.0-2.el7 will be installed
--> Processing Dependency: python2-certbot = 1.11.0-2.el7 for package: certbot-1.11.0-2.el7.noarch
--> Processing Dependency: /usr/sbin/semanage for package: certbot-1.11.0-2.el7.noarch
--> Running transaction check
---> Package policycoreutils-python.x86_64 0:2.5-22.amzn2 will be installed
--> Processing Dependency: audit-libs-python >= 2.1.3-4 for package: policycoreutils-python-2.5-22.amzn2.x86_64
--> Processing Dependency: libsemanage-python >= 2.5-9 for package: policycoreutils-python-2.5-22.amzn2.x86_64
--> Processing Dependency: setools-libs >= 3.3.8-2 for package: policycoreutils-python-2.5-22.amzn2.x86_64
--> Processing Dependency: checkpolicy for package: policycoreutils-python-2.5-22.amzn2.x86_64
--> Processing Dependency: libapol.so.4(VERS_4.0)(64bit) for package: policycoreutils-python-2.5-22.amzn2.x86_64
--> Processing Dependency: libcgroup for package: policycoreutils-python-2.5-22.amzn2.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.2)(64bit) for package: policycoreutils-python-2.5-22.amzn2.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.4)(64bit) for package: policycoreutils-python-2.5-22.amzn2.x86_64
--> Processing Dependency: libselinux-python for package: policycoreutils-python-2.5-22.amzn2.x86_64
--> Processing Dependency: python-IPy for package: policycoreutils-python-2.5-22.amzn2.x86_64
--> Processing Dependency: libapol.so.4()(64bit) for package: policycoreutils-python-2.5-22.amzn2.x86_64
--> Processing Dependency: libqpol.so.1()(64bit) for package: policycoreutils-python-2.5-22.amzn2.x86_64
---> Package python2-certbot.noarch 0:1.11.0-2.el7 will be installed
--> Processing Dependency: python-parsedatetime >= 1.3 for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: python2-acme >= 1.8.0 for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: python2-configargparse >= 0.9.3 for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: python2-distro >= 1.0.1 for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: python2-josepy >= 1.1.0 for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: python-zope-component for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: python-zope-interface for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: python2-mock for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: python2-pyrfc3339 for package: python2-certbot-1.11.0-2.el7.noarch
--> Processing Dependency: pytz for package: python2-certbot-1.11.0-2.el7.noarch
--> Running transaction check
---> Package audit-libs-python.x86_64 0:2.8.1-3.amzn2.1 will be installed
---> Package checkpolicy.x86_64 0:2.5-6.amzn2 will be installed
---> Package libcgroup.x86_64 0:0.41-21.amzn2 will be installed
---> Package libselinux-python.x86_64 0:2.5-12.amzn2.0.2 will be installed
---> Package libsemanage-python.x86_64 0:2.5-11.amzn2 will be installed
---> Package python-IPy.noarch 0:0.75-6.amzn2.0.1 will be installed
---> Package python-zope-component.noarch 1:4.1.0-5.el7 will be installed
--> Processing Dependency: python-zope-event for package: 1:python-zope-component-4.1.0-5.el7.noarch
---> Package python-zope-interface.x86_64 0:4.0.5-4.amzn2.0.2 will be installed
---> Package python2-acme.noarch 0:1.11.0-1.el7 will be installed
--> Processing Dependency: pyOpenSSL >= 0.13.1 for package: python2-acme-1.11.0-1.el7.noarch
--> Processing Dependency: python-ndg_httpsclient for package: python2-acme-1.11.0-1.el7.noarch
--> Processing Dependency: python-requests-toolbelt for package: python2-acme-1.11.0-1.el7.noarch
---> Package python2-configargparse.noarch 0:0.11.0-2.el7 will be installed
---> Package python2-distro.noarch 0:1.5.0-1.el7 will be installed
---> Package python2-josepy.noarch 0:1.3.0-2.el7 will be installed
---> Package python2-mock.noarch 0:1.0.1-10.el7 will be installed
---> Package python2-parsedatetime.noarch 0:2.4-6.el7 will be installed
--> Processing Dependency: python2-future for package: python2-parsedatetime-2.4-6.el7.noarch
---> Package python2-pyrfc3339.noarch 0:1.1-3.el7 will be installed
---> Package pytz.noarch 0:2016.10-2.amzn2.0.1 will be installed
---> Package setools-libs.x86_64 0:3.3.8-2.amzn2.0.2 will be installed
--> Running transaction check
---> Package pyOpenSSL.x86_64 0:0.13.1-3.amzn2.0.2 will be installed
---> Package python-ndg_httpsclient.noarch 0:0.3.2-1.el7 will be installed
---> Package python-requests-toolbelt.noarch 0:0.8.0-3.el7 will be installed
---> Package python-zope-event.noarch 0:4.0.3-2.el7 will be installed
---> Package python2-future.noarch 0:0.18.2-2.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

============================================================================================================================================================================================================================================
 Package                                                           Arch                                            Version                                                        Repository                                           Size
============================================================================================================================================================================================================================================
Installing:
 certbot                                                           noarch                                          1.11.0-2.el7                                                   epel                                                 47 k
Installing for dependencies:
 audit-libs-python                                                 x86_64                                          2.8.1-3.amzn2.1                                                amzn2-core                                           79 k
 checkpolicy                                                       x86_64                                          2.5-6.amzn2                                                    amzn2-core                                          294 k
 libcgroup                                                         x86_64                                          0.41-21.amzn2                                                  amzn2-core                                           66 k
 libselinux-python                                                 x86_64                                          2.5-12.amzn2.0.2                                               amzn2-core                                          237 k
 libsemanage-python                                                x86_64                                          2.5-11.amzn2                                                   amzn2-core                                          115 k
 policycoreutils-python                                            x86_64                                          2.5-22.amzn2                                                   amzn2-core                                          454 k
 pyOpenSSL                                                         x86_64                                          0.13.1-3.amzn2.0.2                                             amzn2-core                                          133 k
 python-IPy                                                        noarch                                          0.75-6.amzn2.0.1                                               amzn2-core                                           32 k
 python-ndg_httpsclient                                            noarch                                          0.3.2-1.el7                                                    epel                                                 43 k
 python-requests-toolbelt                                          noarch                                          0.8.0-3.el7                                                    epel                                                 78 k
 python-zope-component                                             noarch                                          1:4.1.0-5.el7                                                  epel                                                228 k
 python-zope-event                                                 noarch                                          4.0.3-2.el7                                                    epel                                                 79 k
 python-zope-interface                                             x86_64                                          4.0.5-4.amzn2.0.2                                              amzn2-core                                          138 k
 python2-acme                                                      noarch                                          1.11.0-1.el7                                                   epel                                                 83 k
 python2-certbot                                                   noarch                                          1.11.0-2.el7                                                   epel                                                386 k
 python2-configargparse                                            noarch                                          0.11.0-2.el7                                                   epel                                                 31 k
 python2-distro                                                    noarch                                          1.5.0-1.el7                                                    epel                                                 33 k
 python2-future                                                    noarch                                          0.18.2-2.el7                                                   epel                                                806 k
 python2-josepy                                                    noarch                                          1.3.0-2.el7                                                    epel                                                 89 k
 python2-mock                                                      noarch                                          1.0.1-10.el7                                                   epel                                                 92 k
 python2-parsedatetime                                             noarch                                          2.4-6.el7                                                      epel                                                 78 k
 python2-pyrfc3339                                                 noarch                                          1.1-3.el7                                                      epel                                                 16 k
 pytz                                                              noarch                                          2016.10-2.amzn2.0.1                                            amzn2-core                                           46 k
 setools-libs                                                      x86_64                                          3.3.8-2.amzn2.0.2                                              amzn2-core                                          618 k

Transaction Summary
============================================================================================================================================================================================================================================
Install  1 Package (+24 Dependent packages)

Total download size: 4.2 M
Installed size: 16 M
Downloading packages:
warning: /var/cache/yum/x86_64/2/epel/packages/certbot-1.11.0-2.el7.noarch.rpm: Header V4 RSA/SHA256 Signature, key ID 352c64e5: NOKEY
Public key for certbot-1.11.0-2.el7.noarch.rpm is not installed
(1/25): certbot-1.11.0-2.el7.noarch.rpm                                                                                                                                                                              |  47 kB  00:00:00     
(2/25): audit-libs-python-2.8.1-3.amzn2.1.x86_64.rpm                                                                                                                                                                 |  79 kB  00:00:00     
(3/25): checkpolicy-2.5-6.amzn2.x86_64.rpm                                                                                                                                                                           | 294 kB  00:00:00     
(4/25): libcgroup-0.41-21.amzn2.x86_64.rpm                                                                                                                                                                           |  66 kB  00:00:00     
(5/25): libsemanage-python-2.5-11.amzn2.x86_64.rpm                                                                                                                                                                   | 115 kB  00:00:00     
(6/25): libselinux-python-2.5-12.amzn2.0.2.x86_64.rpm                                                                                                                                                                | 237 kB  00:00:00     
(7/25): policycoreutils-python-2.5-22.amzn2.x86_64.rpm                                                                                                                                                               | 454 kB  00:00:00     
(8/25): python-ndg_httpsclient-0.3.2-1.el7.noarch.rpm                                                                                                                                                                |  43 kB  00:00:00     
(9/25): python-requests-toolbelt-0.8.0-3.el7.noarch.rpm                                                                                                                                                              |  78 kB  00:00:00     
(10/25): python-zope-component-4.1.0-5.el7.noarch.rpm                                                                                                                                                                | 228 kB  00:00:00     
(11/25): python-zope-event-4.0.3-2.el7.noarch.rpm                                                                                                                                                                    |  79 kB  00:00:00     
(12/25): python-IPy-0.75-6.amzn2.0.1.noarch.rpm                                                                                                                                                                      |  32 kB  00:00:00     
(13/25): python2-acme-1.11.0-1.el7.noarch.rpm                                                                                                                                                                        |  83 kB  00:00:00     
(14/25): python2-certbot-1.11.0-2.el7.noarch.rpm                                                                                                                                                                     | 386 kB  00:00:00     
(15/25): python2-configargparse-0.11.0-2.el7.noarch.rpm                                                                                                                                                              |  31 kB  00:00:00     
(16/25): python2-distro-1.5.0-1.el7.noarch.rpm                                                                                                                                                                       |  33 kB  00:00:00     
(17/25): python2-future-0.18.2-2.el7.noarch.rpm                                                                                                                                                                      | 806 kB  00:00:00     
(18/25): python2-josepy-1.3.0-2.el7.noarch.rpm                                                                                                                                                                       |  89 kB  00:00:00     
(19/25): python2-mock-1.0.1-10.el7.noarch.rpm                                                                                                                                                                        |  92 kB  00:00:00     
(20/25): python2-parsedatetime-2.4-6.el7.noarch.rpm                                                                                                                                                                  |  78 kB  00:00:00     
(21/25): python2-pyrfc3339-1.1-3.el7.noarch.rpm                                                                                                                                                                      |  16 kB  00:00:00     
(22/25): pyOpenSSL-0.13.1-3.amzn2.0.2.x86_64.rpm                                                                                                                                                                     | 133 kB  00:00:00     
(23/25): pytz-2016.10-2.amzn2.0.1.noarch.rpm                                                                                                                                                                         |  46 kB  00:00:00     
(24/25): python-zope-interface-4.0.5-4.amzn2.0.2.x86_64.rpm                                                                                                                                                          | 138 kB  00:00:00     
(25/25): setools-libs-3.3.8-2.amzn2.0.2.x86_64.rpm                                                                                                                                                                   | 618 kB  00:00:00     
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                                                                                        15 MB/s | 4.2 MB  00:00:00     
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
Importing GPG key 0x352C64E5:
 Userid     : "Fedora EPEL (7) <[email protected]>"
 Fingerprint: 91e9 7d7c 4a5e 96f1 7f3e 888f 6a2f aea2 352c 64e5
 Package    : epel-release-7-11.noarch (@amzn2extra-epel)
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : pyOpenSSL-0.13.1-3.amzn2.0.2.x86_64                                                                                                                                                                                     1/25 
  Installing : python2-josepy-1.3.0-2.el7.noarch                                                                                                                                                                                       2/25 
  Installing : python2-pyrfc3339-1.1-3.el7.noarch                                                                                                                                                                                      3/25 
  Installing : python-zope-interface-4.0.5-4.amzn2.0.2.x86_64                                                                                                                                                                          4/25 
  Installing : pytz-2016.10-2.amzn2.0.1.noarch                                                                                                                                                                                         5/25 
  Installing : python-ndg_httpsclient-0.3.2-1.el7.noarch                                                                                                                                                                               6/25 
  Installing : python2-future-0.18.2-2.el7.noarch                                                                                                                                                                                      7/25 
  Installing : python2-parsedatetime-2.4-6.el7.noarch                                                                                                                                                                                  8/25 
  Installing : python-zope-event-4.0.3-2.el7.noarch                                                                                                                                                                                    9/25 
  Installing : 1:python-zope-component-4.1.0-5.el7.noarch                                                                                                                                                                             10/25 
  Installing : python2-mock-1.0.1-10.el7.noarch                                                                                                                                                                                       11/25 
  Installing : libsemanage-python-2.5-11.amzn2.x86_64                                                                                                                                                                                 12/25 
  Installing : checkpolicy-2.5-6.amzn2.x86_64                                                                                                                                                                                         13/25 
  Installing : libcgroup-0.41-21.amzn2.x86_64                                                                                                                                                                                         14/25 
  Installing : python2-distro-1.5.0-1.el7.noarch                                                                                                                                                                                      15/25 
  Installing : setools-libs-3.3.8-2.amzn2.0.2.x86_64                                                                                                                                                                                  16/25 
  Installing : python2-configargparse-0.11.0-2.el7.noarch                                                                                                                                                                             17/25 
  Installing : python-requests-toolbelt-0.8.0-3.el7.noarch                                                                                                                                                                            18/25 
  Installing : python2-acme-1.11.0-1.el7.noarch                                                                                                                                                                                       19/25 
  Installing : python2-certbot-1.11.0-2.el7.noarch                                                                                                                                                                                    20/25 
  Installing : audit-libs-python-2.8.1-3.amzn2.1.x86_64                                                                                                                                                                               21/25 
  Installing : libselinux-python-2.5-12.amzn2.0.2.x86_64                                                                                                                                                                              22/25 
  Installing : python-IPy-0.75-6.amzn2.0.1.noarch                                                                                                                                                                                     23/25 
  Installing : policycoreutils-python-2.5-22.amzn2.x86_64                                                                                                                                                                             24/25 
  Installing : certbot-1.11.0-2.el7.noarch                                                                                                                                                                                            25/25 
  Verifying  : python-IPy-0.75-6.amzn2.0.1.noarch                                                                                                                                                                                      1/25 
  Verifying  : libselinux-python-2.5-12.amzn2.0.2.x86_64                                                                                                                                                                               2/25 
  Verifying  : python-ndg_httpsclient-0.3.2-1.el7.noarch                                                                                                                                                                               3/25 
  Verifying  : audit-libs-python-2.8.1-3.amzn2.1.x86_64                                                                                                                                                                                4/25 
  Verifying  : 1:python-zope-component-4.1.0-5.el7.noarch                                                                                                                                                                              5/25 
  Verifying  : pyOpenSSL-0.13.1-3.amzn2.0.2.x86_64                                                                                                                                                                                     6/25 
  Verifying  : python-requests-toolbelt-0.8.0-3.el7.noarch                                                                                                                                                                             7/25 
  Verifying  : python2-configargparse-0.11.0-2.el7.noarch                                                                                                                                                                              8/25 
  Verifying  : certbot-1.11.0-2.el7.noarch                                                                                                                                                                                             9/25 
  Verifying  : policycoreutils-python-2.5-22.amzn2.x86_64                                                                                                                                                                             10/25 
  Verifying  : setools-libs-3.3.8-2.amzn2.0.2.x86_64                                                                                                                                                                                  11/25 
  Verifying  : python2-distro-1.5.0-1.el7.noarch                                                                                                                                                                                      12/25 
  Verifying  : libcgroup-0.41-21.amzn2.x86_64                                                                                                                                                                                         13/25 
  Verifying  : python2-josepy-1.3.0-2.el7.noarch                                                                                                                                                                                      14/25 
  Verifying  : checkpolicy-2.5-6.amzn2.x86_64                                                                                                                                                                                         15/25 
  Verifying  : libsemanage-python-2.5-11.amzn2.x86_64                                                                                                                                                                                 16/25 
  Verifying  : pytz-2016.10-2.amzn2.0.1.noarch                                                                                                                                                                                        17/25 
  Verifying  : python2-acme-1.11.0-1.el7.noarch                                                                                                                                                                                       18/25 
  Verifying  : python2-certbot-1.11.0-2.el7.noarch                                                                                                                                                                                    19/25 
  Verifying  : python2-mock-1.0.1-10.el7.noarch                                                                                                                                                                                       20/25 
  Verifying  : python-zope-interface-4.0.5-4.amzn2.0.2.x86_64                                                                                                                                                                         21/25 
  Verifying  : python-zope-event-4.0.3-2.el7.noarch                                                                                                                                                                                   22/25 
  Verifying  : python2-pyrfc3339-1.1-3.el7.noarch                                                                                                                                                                                     23/25 
  Verifying  : python2-future-0.18.2-2.el7.noarch                                                                                                                                                                                     24/25 
  Verifying  : python2-parsedatetime-2.4-6.el7.noarch                                                                                                                                                                                 25/25 

Installed:
  certbot.noarch 0:1.11.0-2.el7                                                                                                                                                                                                             

Dependency Installed:
  audit-libs-python.x86_64 0:2.8.1-3.amzn2.1     checkpolicy.x86_64 0:2.5-6.amzn2         libcgroup.x86_64 0:0.41-21.amzn2                   libselinux-python.x86_64 0:2.5-12.amzn2.0.2   libsemanage-python.x86_64 0:2.5-11.amzn2       
  policycoreutils-python.x86_64 0:2.5-22.amzn2   pyOpenSSL.x86_64 0:0.13.1-3.amzn2.0.2    python-IPy.noarch 0:0.75-6.amzn2.0.1               python-ndg_httpsclient.noarch 0:0.3.2-1.el7   python-requests-toolbelt.noarch 0:0.8.0-3.el7  
  python-zope-component.noarch 1:4.1.0-5.el7     python-zope-event.noarch 0:4.0.3-2.el7   python-zope-interface.x86_64 0:4.0.5-4.amzn2.0.2   python2-acme.noarch 0:1.11.0-1.el7            python2-certbot.noarch 0:1.11.0-2.el7          
  python2-configargparse.noarch 0:0.11.0-2.el7   python2-distro.noarch 0:1.5.0-1.el7      python2-future.noarch 0:0.18.2-2.el7               python2-josepy.noarch 0:1.3.0-2.el7           python2-mock.noarch 0:1.0.1-10.el7             
  python2-parsedatetime.noarch 0:2.4-6.el7       python2-pyrfc3339.noarch 0:1.1-3.el7     pytz.noarch 0:2016.10-2.amzn2.0.1                  setools-libs.x86_64 0:3.3.8-2.amzn2.0.2      

Complete!

certbot --version

[root@ip-172-31-92-63 ~]# certbot --version
certbot 1.11.0


certbot execution

[root@ip-172-31-92-63 ~]# certbot certonly --standalone -d devops-ssl-test.wazuh.info
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Requesting a certificate for devops-ssl-test.wazuh.info
Performing the following challenges:
http-01 challenge for devops-ssl-test.wazuh.info
Waiting for verification...
Cleaning up challenges
Subscribe to the EFF mailing list (email: [email protected]).

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/devops-ssl-test.wazuh.info/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/devops-ssl-test.wazuh.info/privkey.pem
   Your certificate will expire on 2025-02-24. To obtain a new or
   tweaked version of this certificate in the future, simply run
   certbot again. To non-interactively renew *all* of your
   certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Certificates configuration

[root@ip-172-31-92-63 ~]# ls -la /etc/letsencrypt/live/devops-ssl-test.wazuh.info/
total 4
drwxr-xr-x 2 root root  93 Nov 26 18:49 .
drwx------ 3 root root  54 Nov 26 18:49 ..
lrwxrwxrwx 1 root root  50 Nov 26 18:49 cert.pem -> ../../archive/devops-ssl-test.wazuh.info/cert1.pem
lrwxrwxrwx 1 root root  51 Nov 26 18:49 chain.pem -> ../../archive/devops-ssl-test.wazuh.info/chain1.pem
lrwxrwxrwx 1 root root  55 Nov 26 18:49 fullchain.pem -> ../../archive/devops-ssl-test.wazuh.info/fullchain1.pem
lrwxrwxrwx 1 root root  53 Nov 26 18:49 privkey.pem -> ../../archive/devops-ssl-test.wazuh.info/privkey1.pem
-rw-r--r-- 1 root root 692 Nov 26 18:49 README
[root@ip-172-31-92-63 ~]# cp /etc/letsencrypt/live/devops-ssl-test.wazuh.info/privkey.pem /etc/letsencrypt/live/devops-ssl-test.wazuh.info/fullchain.pem /etc/wazuh-dashboard/certs/
[root@ip-172-31-92-63 ~]# vim /etc/wazuh-dashboard/opensearch_dashboards.yml 
[root@ip-172-31-92-63 ~]# chown -R wazuh-dashboard:wazuh-dashboard /etc/wazuh-dashboard/
[root@ip-172-31-92-63 ~]# chmod -R 500 /etc/wazuh-dashboard/certs/
[root@ip-172-31-92-63 ~]# chmod 440 /etc/wazuh-dashboard/certs/privkey.pem /etc/wazuh-dashboard/certs/fullchain.pem
[root@ip-172-31-92-63 ~]# systemctl restart wazuh-dashboard

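The session above copies privkey.pem and fullchain.pem out of /etc/letsencrypt/live/, so a later `certbot renew` does not update the copies the dashboard serves. The following is an added example, not part of the original comment or the Wazuh documentation: a certbot deploy hook that repeats the copy and permission steps after each renewal. The hook's install path and the function name `install_dashboard_certs` are assumptions.

```shell
#!/bin/sh
# Added example: certbot deploy hook for the Wazuh dashboard (not project code).
# Assumed install location: /etc/letsencrypt/renewal-hooks/deploy/wazuh-dashboard.sh
# certbot runs deploy hooks after a successful renewal and sets RENEWED_LINEAGE
# to the live directory, e.g. /etc/letsencrypt/live/<domain>.

DASHBOARD_CERTS=/etc/wazuh-dashboard/certs
DASHBOARD_USER=wazuh-dashboard

# install_dashboard_certs SRC_DIR DEST_DIR [OWNER]   (hypothetical helper name)
# Copies privkey.pem and fullchain.pem (following the live/ symlinks) with the
# same modes the thread uses: 440 on the files, 500 on the directory.
install_dashboard_certs() {
    src=$1 dest=$2 owner=${3:-}
    for f in privkey.pem fullchain.pem; do
        # Refuse to touch the destination if a source file is missing or empty.
        [ -s "$src/$f" ] || { echo "missing or empty: $src/$f" >&2; return 1; }
    done
    mkdir -p "$dest" || return 1
    chmod 700 "$dest" || return 1   # writable only while the files are replaced
    for f in privkey.pem fullchain.pem; do
        # Write to a temp name, then rename, so a reader never sees a partial file.
        install -m 440 "$src/$f" "$dest/.$f.new" || return 1
        if [ -n "$owner" ]; then
            chown "$owner:$owner" "$dest/.$f.new" || return 1
        fi
        mv -f "$dest/.$f.new" "$dest/$f" || return 1
    done
    if [ -n "$owner" ]; then
        chown "$owner:$owner" "$dest" || return 1
    fi
    chmod 500 "$dest"
}

# Only act when certbot invoked us for a renewed certificate.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    install_dashboard_certs "$RENEWED_LINEAGE" "$DASHBOARD_CERTS" "$DASHBOARD_USER" \
        && systemctl restart wazuh-dashboard
fi
```

Unlike the manual session, this changes ownership only on the certs directory and the two files rather than running `chown -R` over all of /etc/wazuh-dashboard/.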
