Skip to content

Instantly share code, notes, and snippets.

@indywidualny
Last active Jan 30, 2017
Embed
What would you like to do?
Let's encrypt @ nginx
vim /etc/nginx/nginx.conf
...
server {
...
location ^~ /.well-known/acme-challenge/ {
allow all;
default_type "text/plain";
}
...
}
...
certbot certonly --webroot -w /usr/share/nginx/html -d example.com
certbot renew --dry-run
crontab -e
# at 2:30 AM every day
30 2 * * * certbot renew --quiet && /usr/sbin/nginx -s reload
vim /etc/nginx/nginx.conf
...
server {
listen 80;
listen [::]:80;
listen 443 default_server ssl;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
...
location ^~ /.well-known/acme-challenge/ {
allow all;
default_type "text/plain";
}
}
...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment