Post by sabbirislam258 on Feb 14, 2024 0:39:02 GMT -8
Tha service activation of sending log entries to the server Configuring firewalls To be able to receive and transmit messages over the network, the appropriate ports must be open on all nodes of the cluster. To configure them, we will use the capabilities of the UFW firewalls of both nodes and adjust the rules set for them. Server Ports 19532 and 80 must be open on the server . In particular, port 80 is needed by the ACME client to generate SSL / TLS certificates. To do this, we will use the following commands: $ sudo ufw allow in 19532/tcp Opening port 19532 $ sudo ufw allow in 80/tcp Opening port 80 The rules for the firewall have been successfully updated - "Rules updated". After that, we will update the rules on the client node.
Client On the client node, it is enough to open only Armenia Telemarketing Data one of the ports: $ sudo ufw allow in 80/tcp Opening port 80 Rules successfully updated! The ports on both machines are configured and therefore you can proceed to the registration of SSL / TLS certificates for all nodes of the cluster. Installing the ACME client SSL / TLS certificates allow network nodes to encrypt transmitted data and perform mutual authentication. This becomes possible due to the use of the secure https protocol in the browser. For use in our project, we choose free TLS certificates from Let's Encrypt . To work with them, we will need one of the ACME clients, as which the Certbot utility can be used. It will help us to first register the certificates and later to carry out their automatic renewal in the event of their expiration date.
First, let's install Certbot on the server. Server First, we activate access to one of the Ubuntu repositories to which the Certbot program belongs . To do this, enter in the terminal: $ sudo apt install software-properties-common Activating access to the repository $ sudo add-apt-repository universe Here universe is the repository we need. Activation of the universe repository Now let's update the package index: $ sudo apt update Updating the package index After that, you can start installing the ACME client. Type in the terminal: $ sudo apt install certbot Installing Certbot We agree to allocate additional 4,915 Kb on the disk and start the program installation process. Certbot installation process Completion of Certbot installation The program has been successfully installed - "Setting up certbot (1.21.0-1build1)" .
Client On the client node, it is enough to open only Armenia Telemarketing Data one of the ports: $ sudo ufw allow in 80/tcp Opening port 80 Rules successfully updated! The ports on both machines are configured and therefore you can proceed to the registration of SSL / TLS certificates for all nodes of the cluster. Installing the ACME client SSL / TLS certificates allow network nodes to encrypt transmitted data and perform mutual authentication. This becomes possible due to the use of the secure https protocol in the browser. For use in our project, we choose free TLS certificates from Let's Encrypt . To work with them, we will need one of the ACME clients, as which the Certbot utility can be used. It will help us to first register the certificates and later to carry out their automatic renewal in the event of their expiration date.
First, let's install Certbot on the server. Server First, we activate access to one of the Ubuntu repositories to which the Certbot program belongs . To do this, enter in the terminal: $ sudo apt install software-properties-common Activating access to the repository $ sudo add-apt-repository universe Here universe is the repository we need. Activation of the universe repository Now let's update the package index: $ sudo apt update Updating the package index After that, you can start installing the ACME client. Type in the terminal: $ sudo apt install certbot Installing Certbot We agree to allocate additional 4,915 Kb on the disk and start the program installation process. Certbot installation process Completion of Certbot installation The program has been successfully installed - "Setting up certbot (1.21.0-1build1)" .