Certbot

From Wiki
Revision as of 19:28, 29 November 2018 by Scott (talk | contribs)
Jump to navigation Jump to search

https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04

certbot connects to Let's Encrypt to obtain an SSL certificate for your server.

  • Install packages
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-nginx
  • Create the file /etc/nginx/snippets/ssl-certbot-renewal.conf:
# support for certbot ssl auto-renewal
location ^~ /.well-known/ {
    default_type "text/plain";
    root /var/www/html/;
}
  • Create the well-known directory for verification:
mkdir -p /var/www/html/.well-known
  • Include the following line in the ssl config for each domain:
include snippets/ssl-certbot-renewal.conf;
  • Restart nginx
  • Now run a command like this:
certbot certonly --webroot --webroot-path=/var/www/html \
-d example.com \
-d domain1.example.com \
-d domain2.example.com
  • Test with this:
sudo certbot renew --dry-run
Retrieved from "https://wiki.scott5.org/index.php?title=Certbot&oldid=1700"