Skip to content

Instantly share code, notes, and snippets.

View jlaffaye's full-sized avatar

Julien Laffaye jlaffaye

106 followers · 1 following
View GitHub Profile
@renchap
renchap / README.md
Last active October 12, 2022 17:14
One-line certificate generation/renews with Letsencrypt and nginx

Prerequisites : the letsencrypt CLI tool

This method allows your to generate and renew your Lets Encrypt certificates with 1 command. This is easily automatable to renew each 60 days, as advised.

You need nginx to answer on port 80 on all the domains you want a certificate for. Then you need to serve the challenge used by letsencrypt on /.well-known/acme-challenge. Then we invoke the letsencrypt command, telling the tool to write the challenge files in the directory we used as a root in the nginx configuration.

I redirect all HTTP requests on HTTPS, so my nginx config looks like :

server {
@xrstf
xrstf / letsencrypt.md
Last active April 18, 2023 05:01
Let's Encrypt on Ubuntu 14.04, nginx with webroot auth

Let's Encrypt on Ubuntu 14.04, nginx with webroot auth

This document details how I setup LE on my server. Firstly, install the client as described on http://letsencrypt.readthedocs.org/en/latest/using.html and make sure you can execute it. I put it in /root/letsencrypt.

As it is not possible to change the ports used for the standalone authenticator and I already have a nginx running on port 80/443, I opted to use the webroot method for each of my domains (note that LE does not issue wildcard certificates by design, so you probably want to get a cert for www.example.com and example.com).

Configuration

For this, I placed config files into etc/letsencrypt/configs, named after <domain>.conf. The files are simple:

@spikebike
spikebike / client output
Created March 29, 2012 03:43 — forked from spikebike/client.go
TLS server and client
$ go run client.go
2012/03/28 22:30:21 client: connected to: 127.0.0.1:8000
Client: Server public key is:
[48 129 159 48 13 6 9 42 134 72 134 247 13 1 1 1 5 0 3 129 141 0 48 129 137 2 129 129 0 188 73 207 11 137 150 106 118 45 27 12 18 76 183 252 31 22 193 109 43 118 130 188 244 197 136 26 55 239 51 225 67 171 20 87 35 107 190 16 158 181 84 225 159 112 70 131 173 136 181 130 151 156 4 142 141 218 100 116 219 228 211 136 155 179 220 50 21 181 134 211 72 22 38 226 51 170 165 39 65 231 3 15 26 54 193 142 242 28 66 96 88 138 237 217 65 144 89 231 177 179 200 116 30 45 148 174 56 57 244 29 17 8 22 86 54 215 14 207 55 223 164 216 184 21 46 29 233 2 3 1 0 1] <nil>
2012/03/28 22:30:21 client: handshake: true
2012/03/28 22:30:21 client: mutual: true
2012/03/28 22:30:21 client: wrote "Hello\n" (6 bytes)
2012/03/28 22:30:21 client: read "Hello\n" (6 bytes)
2012/03/28 22:30:21 client: exiting
$