{"id":3311,"date":"2021-02-19T15:24:35","date_gmt":"2021-02-19T12:24:35","guid":{"rendered":"https:\/\/blog.hostixo.com\/?p=3311"},"modified":"2021-02-19T15:24:35","modified_gmt":"2021-02-19T12:24:35","slug":"ucretsiz-ssl-kurulumu-lets-encrypt","status":"publish","type":"post","link":"https:\/\/www.hostixo.com\/blog\/ucretsiz-ssl-kurulumu-lets-encrypt\/","title":{"rendered":"CentOS 7 Apache Sunucuda \u00dccretsiz SSL Kurulumu ( Let\u2019s Encrypt )"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">\u0130\u00e7indekiler \u2714<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"\u0130\u00e7indekiler Tablosunu A\u00e7\/Kapat\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.hostixo.com\/blog\/ucretsiz-ssl-kurulumu-lets-encrypt\/#Gereken_modullerin_kurulumu\" >Gereken mod\u00fcllerin kurulumu<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.hostixo.com\/blog\/ucretsiz-ssl-kurulumu-lets-encrypt\/#Lets_Encrypt_istemcisinin_indirilmesi\" >Let\u2019s Encrypt istemcisinin indirilmesi<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.hostixo.com\/blog\/ucretsiz-ssl-kurulumu-lets-encrypt\/#Ucretsiz_SSL_sertifikasi_kurulumu\" >\u00dccretsiz SSL sertifikas\u0131 kurulumu<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.hostixo.com\/blog\/ucretsiz-ssl-kurulumu-lets-encrypt\/#Ucretsiz_SSL_sertifikasi_icin_otomatik_yenileme\" >\u00dccretsiz SSL sertifikas\u0131 i\u00e7in otomatik yenileme\u00a0<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.hostixo.com\/blog\/ucretsiz-ssl-kurulumu-lets-encrypt\/#Sonuc\" >Sonu\u00e7<\/a><\/li><\/ul><\/nav><\/div>\n<p>Bu yaz\u0131m\u0131zda, CentOS 7 Apache sunucuda Let\u2019s Encrypt ile \u00fccretsiz SSL kurulumu konusundan bahsedece\u011fiz. G\u00f6sterece\u011fimiz t\u00fcm ad\u0131mlar\u0131 uygulad\u0131\u011f\u0131n\u0131z zaman <a href=\"https:\/\/www.hostixo.com\/sunucu\/sanal-sunucu\/\" data-internallinksmanager029f6b8e52c=\"3\" title=\"vps sat\u0131n al\">sunucu<\/a> ile istemci aras\u0131ndaki b\u00fct\u00fcn trafi\u011fi \u015fifrelemi\u015f olacaks\u0131n\u0131z. Bu i\u015flem e-ticaret <a href=\"https:\/\/www.hostixo.com\/\">web<\/a> <a href=\"https:\/\/www.hostixo.com\/hosting\/hazir-site\/\" data-internallinksmanager029f6b8e52c=\"11\" title=\"haz\u0131r site\">site<\/a>lerini ve di\u011fer finansal hizmet veren sitelerin \u00e7evrimi\u00e7i olarak g\u00fcvence alt\u0131na al\u0131nmas\u0131 i\u00e7in kullan\u0131lan standart bir uygulamad\u0131r.\u00a0 \u00dccretsiz SSL uygulamas\u0131n\u0131n \u00f6nc\u00fcs\u00fc olan Let\u2019s Encrypt, bu yaz\u0131m\u0131zda sertifika sa\u011flay\u0131c\u0131s\u0131n\u0131n ismi olarak kullan\u0131lacakt\u0131r.<\/p>\n<p><img decoding=\"async\" class=\"alignnone wp-image-3336 lazyload\" data-src=\"https:\/\/www.hostixo.com\/blog\/wp-content\/uploads\/2021\/02\/Screenshot_1-1.png\" alt=\"CentOS 7 Apache Sunucuda \u00dccretsiz SSL Kurulumu ( Let\u2019s Encrypt )\" width=\"524\" height=\"339\" title=\"\" src=\"data:image\/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==\" style=\"--smush-placeholder-width: 524px; --smush-placeholder-aspect-ratio: 524\/339;\"><noscript><img decoding=\"async\" class=\"alignnone wp-image-3336\" src=\"https:\/\/www.hostixo.com\/blog\/wp-content\/uploads\/2021\/02\/Screenshot_1-1.png\" alt=\"CentOS 7 Apache Sunucuda \u00dccretsiz SSL Kurulumu ( Let\u2019s Encrypt )\" width=\"524\" height=\"339\" title=\"\"><\/noscript><\/p>\n<p>Konumuza ba\u015flamadan \u00f6nce a\u015fa\u011f\u0131da bahsedece\u011fimiz \u015feylere ihtiyac\u0131n\u0131z olacakt\u0131r.<\/p>\n<ul>\n<li>CentOS 7 VPS\u2019e root SSH eri\u015fimi<\/li>\n<li>D\u00fczg\u00fcn bir \u015fekilde yap\u0131land\u0131r\u0131lm\u0131\u015f <a href=\"https:\/\/www.hostixo.com\/domain\/alan-adi-kaydi\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"domain sorgula\">domain<\/a> ve vhost ile Apache web sunucusu<\/li>\n<\/ul>\n<p>\u015eimdi uygulaman\u0131z gereken ad\u0131mlara bir bakal\u0131m.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Gereken_modullerin_kurulumu\"><\/span><span id=\"Adim-1-Gerekli-modullerin-kurulumu\"><strong>Gereken mod\u00fcllerin kurulumu<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Certbot\u2018un kurulum i\u015flemi i\u00e7in, EPEL dizinini varsay\u0131lan olarak bulunmad\u0131\u011f\u0131 i\u00e7in y\u00fcklemeniz gerekiyor. \u015eifrelemenin Apache taraf\u0131ndan yap\u0131lmas\u0131 i\u00e7in ise\u00a0 <strong>mod_ssl<\/strong>\u00a0de gereklidir.<\/p>\n<p>Bu ba\u011f\u0131ml\u0131l\u0131klar\u0131n ikisini de y\u00fcklemek i\u00e7in a\u015fa\u011f\u0131da yer alan komutu \u00e7al\u0131\u015ft\u0131r\u0131n:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"shell\" data-enlighter-theme=\"minimal\" data-enlighter-linenumbers=\"false\">yum install epel-release mod_ssl<\/pre>\n<p>\u015eimdi ise certbot\u2019un kendisini kurmaya haz\u0131r olman\u0131z gerekiyor.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Lets_Encrypt_istemcisinin_indirilmesi\"><\/span><span id=\"Adim-2-Lets-Encrypt-istemcisinin-indirilmesi\"><strong>Let\u2019s Encrypt istemcisinin indirilmesi<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Daha sonra, certbot istemcisini EPEL deposundan y\u00fcklemeniz gerekiyor:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"shell\" data-enlighter-theme=\"minimal\">yum install python-certbot-apache<\/pre>\n<p>&nbsp;<\/p>\n<p>Certbot \u015fimdi kurulmu\u015f ve kullan\u0131m i\u00e7in haz\u0131r olmal\u0131d\u0131r.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Ucretsiz_SSL_sertifikasi_kurulumu\"><\/span><span id=\"Adim-3-Ucretsiz-SSL-sertifikasi-kurulumu\"><strong>\u00dccretsiz SSL sertifikas\u0131 kurulumu<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Certbot, SSL sertifikas\u0131 y\u00f6netimini kolayl\u0131k bir \u015fekilde yapacakt\u0131r. Parametre olarak sa\u011flayaca\u011f\u0131n\u0131z <a href=\"https:\/\/www.hostixo.com\/domain\/alan-adi-kaydi\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"domain sorgula\">domain<\/a> i\u00e7in yeni bir sertifika olu\u015fturacakt\u0131r.<\/p>\n<p>Biz bu yaz\u0131m\u0131zda sizlere \u00f6rnek olmas\u0131 i\u00e7in, sertifikan\u0131n verilece\u011fi domani test.com olarak belirledik.<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"shell\" data-enlighter-theme=\"minimal\" data-enlighter-linenumbers=\"false\">certbot --apache -d test.com<\/pre>\n<p>&nbsp;<\/p>\n<p>Birden fazla domain ya da alt domain i\u00e7in SSL olu\u015fturmak istiyorsan\u0131z e\u011fer a\u015fa\u011f\u0131da yer alan komutu kullanman\u0131z gerekiyor:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"shell\" data-enlighter-theme=\"minimal\" data-enlighter-linenumbers=\"false\">certbot --apache -d test.com -d www.test.com<\/pre>\n<p>&nbsp;<\/p>\n<div class=\"protip text-light-black light-red-box\">\n<p>UYARI! \u0130lk domainin sizin kulland\u0131\u011f\u0131n\u0131z ana domain olmas\u0131 gerekiyor. Biz bu \u00f6rnek i\u00e7in test.com\u2019u belirlemi\u015ftik.<\/p>\n<\/div>\n<p>Sertifikan\u0131n y\u00fcklenmesi i\u015flemi i\u00e7in, sertifika ayr\u0131nt\u0131lar\u0131n\u0131 \u00f6zelle\u015ftirebilmenizi ad\u0131m ad\u0131m sa\u011flayacak bir yaz\u0131 sunulur. HTTPS\u2019yi zorlamak ya da HTTP\u2019yi varsay\u0131lan protokol olarak b\u0131rakmak aras\u0131nda bir se\u00e7im yapman\u0131z m\u00fcmk\u00fcnd\u00fcr. G\u00fcvenlik nedenlerinden dolay\u0131 bir e mail adresi yazman\u0131z gerekecektir.<\/p>\n<p>Kurulumun tamamlanmas\u0131n\u0131n ard\u0131ndan, benzer bir mesaj g\u00f6rmeniz gerekiyor:<\/p>\n<pre class=\"\">IMPORTANT NOTES:\r\n\r\n\u00a0- If you lose your account credentials, you can recover through\r\n\u00a0 \u00a0e-mails sent to user@example.com.\r\n\u00a0- Congratulations! Your certificate and chain have been saved at\r\n\u00a0 \u00a0\/etc\/letsencrypt\/live\/example.com\/fullchain.pem. Your cert\r\n\u00a0 \u00a0will expire on 2016-04-21. To obtain a new version of the\r\n\u00a0 \u00a0certificate in the future, simply run Let's Encrypt again.\r\n\u00a0- Your account credentials have been saved in your Let's Encrypt\r\n\u00a0 \u00a0configuration directory at \/etc\/letsencrypt. You should make a\r\n\u00a0 \u00a0secure backup of this folder now. This configuration directory will\r\n\u00a0 \u00a0also contain certificates and private keys obtained by Let's\r\n\u00a0 \u00a0Encrypt so making regular backups of this folder is ideal.\r\n\u00a0- If you like Let's Encrypt, please consider supporting our work by:\r\n\r\n\u00a0 \u00a0Donating to ISRG \/ Let's Encrypt: \u00a0 https:\/\/letsencrypt.org\/donate\r\n\u00a0 \u00a0Donating to EFF: \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0https:\/\/eff.org\/donate-le<\/pre>\n<h2><span class=\"ez-toc-section\" id=\"Ucretsiz_SSL_sertifikasi_icin_otomatik_yenileme\"><\/span><span id=\"Adim-4-Ucretsiz-SSL-sertifikasi-icin-otomatik-yenileme-ayarlamak\"><strong>\u00dccretsiz SSL sertifikas\u0131 i\u00e7in otomatik yenileme\u00a0<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Let\u2019s Encrypt \u00fccretsiz ss sertifikalar\u0131 90 g\u00fcn (3 ay) boyunca ge\u00e7erli olmaktad\u0131r. Fakat b\u00fct\u00fcn web uzmanlar\u0131 olas\u0131 bir sorunun \u00f6n\u00fcne ge\u00e7mek i\u00e7in 60 g\u00fcnde bir yenilemenizi \u00f6nermektedir. Yenileme i\u015flemi i\u00e7in certbot a\u015fa\u011f\u0131da yer alan komut ile yard\u0131mc\u0131 olacakt\u0131r:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"shell\" data-enlighter-theme=\"minimal\" data-enlighter-linenumbers=\"false\">renew<\/pre>\n<p>&nbsp;<\/p>\n<p>Sertifikan\u0131n, son kullan\u0131m tarihinden itibaren 30 g\u00fcnden az bir s\u00fcre ge\u00e7ip ge\u00e7medi\u011finin kontrol\u00fcn\u00fc sa\u011flayacakt\u0131r.<\/p>\n<p>Devam etmek i\u00e7in a\u015fa\u011f\u0131da yer alan komutu kullan\u0131n:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"shell\" data-enlighter-theme=\"minimal\" data-enlighter-linenumbers=\"false\">certbot renew<\/pre>\n<p>&nbsp;<\/p>\n<p>Y\u00fcklenen sertifika yeniyse e\u011fer certbot sadece son kullanma tarihini kontrol edecektir:<\/p>\n<pre class=\"\">Processing \/etc\/letsencrypt\/renewal\/test.com.conf\r\n\r\nThe following certs are not due for renewal yet:\r\n\u00a0 \/etc\/letsencrypt\/live\/test.com\/fullchain.pem (skipped)\r\nNo renewals were attempted.<\/pre>\n<p>Bu yenileme s\u00fcrecinin otomatikle\u015fmesi i\u00e7in bir cronjob\u00a0 kurabilirsiniz. \u00d6ncelikli olarak, crontab\u2019\u0131 a\u00e7\u0131n:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"shell\" data-enlighter-theme=\"minimal\" data-enlighter-linenumbers=\"false\">crontab -e<\/pre>\n<p>&nbsp;<\/p>\n<p>Bu g\u00f6revi her Pazartesi gece yar\u0131s\u0131 \u00e7al\u0131\u015facak \u015fekilde planlayabilirsiniz:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"shell\" data-enlighter-theme=\"minimal\">0 0 * * 1 \/usr\/bin\/certbot renew &gt;&gt; \/var\/log\/sslyenileme.log<\/pre>\n<p>&nbsp;<\/p>\n<p>Komut dosyas\u0131n\u0131n \u00e7\u0131kt\u0131s\u0131 a\u015fa\u011f\u0131da belirtti\u011fimiz yere yaz\u0131lacakt\u0131r:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"shell\" data-enlighter-theme=\"minimal\">\/var\/log\/sslyenileme.log<\/pre>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Sonuc\"><\/span><strong>Sonu\u00e7<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Gerekli olan g\u00fcvenli\u011fi \u00fccretsiz SSL sertifikas\u0131n\u0131n uygulanmas\u0131yla, Apache web sunucunuzu g\u00fcvenli hale getirmi\u015f bulunuyorsunuz. Bundan sonra sunucu ve istemci aras\u0131nda yer alan b\u00fct\u00fcn trafikler \u015fifrelenir. Hi\u00e7 kimsenin ileti\u015fimi engellemeyece\u011fini, \u00f6nemli bilgilerinizi de\u011fi\u015ftirerek alamayaca\u011f\u0131ndan emin olabilirsiniz.<\/p>\n<p>CentOS 7 Apache Sunucuda Let\u2019s Encrypt ile \u00dccretsiz SSL Kurulumu ba\u015fl\u0131kl\u0131 yaz\u0131m\u0131z ile ilgili akl\u0131n\u0131za tak\u0131lan sorular\u0131n\u0131z\u0131n yan\u0131t\u0131n\u0131 alabilmeniz i\u00e7in veya \u00f6neride bulunabilmeniz i\u00e7in a\u015fa\u011f\u0131da yer alan yorumlar k\u0131sm\u0131n\u0131 kullanarak bizimle ileti\u015fime ge\u00e7ebilirsiniz.<\/p>\n<p>Dilerseniz daha \u00f6nce blo\u011fumuzda payla\u015ft\u0131\u011f\u0131m\u0131z <a href=\"https:\/\/www.hostixo.com\/blog\/veri-merkezi-tier-standartlari-nelerdir\/\">Veri Merkezi Tier Standartlar\u0131 Nelerdir ?<\/a>\u00a0ba\u015fl\u0131kl\u0131 yaz\u0131m\u0131z\u0131 da okuyabilirsiniz.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Bu yaz\u0131m\u0131zda, CentOS 7 Apache sunucuda Let\u2019s Encrypt ile \u00fccretsiz SSL kurulumu konusundan bahsedece\u011fiz. G\u00f6sterece\u011fimiz t\u00fcm ad\u0131mlar\u0131 uygulad\u0131\u011f\u0131n\u0131z zaman sunucu ile istemci aras\u0131ndaki b\u00fct\u00fcn trafi\u011fi \u015fifrelemi\u015f olacaks\u0131n\u0131z. Bu i\u015flem e-ticaret web sitelerini ve di\u011fer finansal hizmet veren sitelerin \u00e7evrimi\u00e7i olarak g\u00fcvence alt\u0131na al\u0131nmas\u0131 i\u00e7in kullan\u0131lan standart bir uygulamad\u0131r.\u00a0 \u00dccretsiz SSL uygulamas\u0131n\u0131n \u00f6nc\u00fcs\u00fc olan Let\u2019s Encrypt, &hellip;<\/p>\n","protected":false},"author":1,"featured_media":3333,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mbp_gutenberg_autopost":false,"footnotes":""},"categories":[166],"tags":[],"class_list":["post-3311","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sunucu"],"_links":{"self":[{"href":"https:\/\/www.hostixo.com\/blog\/wp-json\/wp\/v2\/posts\/3311","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hostixo.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hostixo.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hostixo.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hostixo.com\/blog\/wp-json\/wp\/v2\/comments?post=3311"}],"version-history":[{"count":0,"href":"https:\/\/www.hostixo.com\/blog\/wp-json\/wp\/v2\/posts\/3311\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.hostixo.com\/blog\/wp-json\/wp\/v2\/media\/3333"}],"wp:attachment":[{"href":"https:\/\/www.hostixo.com\/blog\/wp-json\/wp\/v2\/media?parent=3311"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hostixo.com\/blog\/wp-json\/wp\/v2\/categories?post=3311"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hostixo.com\/blog\/wp-json\/wp\/v2\/tags?post=3311"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}