From a basic test, if I have customised /etc/apache2/sites-enabled/subdomain.domain.tld.conf to add some commands to say allow the running of Passenger for a ruby web app, I can get the SSL updates with sudo sympl-ssl --force subdomain.domain.tld, however when I run sudo sympl-web-configure --verbose the following output is provided:
Configuration: subdomain.domain.tld.conf
Not updating configuration, as it has been edited by hand.
Already enabled.
On checking the Apache config the SSL certificate has been kept at the older version, and isn’t using latest.
Is there any way to support SSL updates with a custom Apache config?
OS is Debian Buster.
On the testing version of Sympl.
(subdomain.domain.tld is adjusted to the appropriate domain).
Yes, edit the file /etc/apache2/sites-enabled/subdomain.domain.tld.conf and locae the the path to the SSL cert and key, which will be something like /srv/subdomain.domain.tld/config/ssl/sets/1/.
Change this to /srv/subdomain.domain.tld/config/ssl/current/ and it should be fine an pick up any changes to the cert when Apache is reloaded (which happens as part of the hooks for sympl-ssl).
The plan is that a later version of Sympl will simply default to using the config/ssl/current/ path, making this unnecessary, but it’s a workaround for now.
One of the ways around this under symbiosis was to add an IncludeOptional directive to the master templates (ssl.template.erb & non_ssl.template.erb) with customisations kept in, say, config…
I’ve been using this a lot in the previously suggested version with files config/apache*.conf and it’s been fantastically useful. Now moved them all to apache.d after the upgrade and it seems to be working as it should.
Thank you for this.