Some users find it cumbersome to manually upload certificates via the interface when using the certificate management feature of SafeLine WAF. They prefer to store certificate files in a fixed directory, allowing SafeLine to automatically detect and update them after the files are overwritten. This way, the entire process can be automated using some tools.
To address or optimize these issues, SafeLine version 7.2.0 introduced the feature of automatically reading and updating certificates. Here’s how to use this feature:
Prerequisites
WAF version ≥ 7.2.0
Upload a Certificate for one time
To inform the WAF that a certificate needs to be periodically updated, you need to upload a certificate to the WAF for one time.
Obtain the Certificate Path
Certificates are stored by default under /data/safeline/resources/nginx/certs
ls /data/safeline/resources/nginx/certs/ -lh
total 8.0K
-rw-r--r-- 1 root root 1.4K Nov 22 18:15 cert_1.crt
-rw-r--r-- 1 root root 1.7K Nov 22 18:15 cert_1.key
Update the Certificate Using Certbot
After obtaining the certificate using tools like certbot, simply overwrite the above files.
SafeLine WAF Scheduled Updates
SafeLine WAF refreshes the certificate content every hour by default.
Top comments (0)