Paso 1: Instalar LetsEncrypt
sudo apt-get install software-properties-common python-software-properties
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install letsencrypt
Paso 2: Configurar el certificado SSL
server {
listen 80 default_server;
server_name _;
location ~ /\.well-known/acme-challenge/ {
allow all;
root /var/www/letsencrypt;
try_files $uri =404;
break;
}
}
Paso 3: Habilitar HTTPS LetsEncrypt
sudo letsencrypt certonly -a webroot --webroot-path=/var/www/letsencrypt -m mail@example.com --agree-tos -d ssl.itsynd
Paso 4: Configuracion nginx
server {
server_name example.com;
listen 443 ssl;
ssl on;
ssl_certificate /etc/letsencrypt/live/ssl.itsyndicate.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ssl.itsyndicate.org/privkey.pem;
root /var/www/html/;
index index.php index.html index.htm;
location ~ /.well-known {
root /var/www/letsencrypt;
allow all;
}
}
sudo nginx -t
sudo service nginx reload
Paso 5: Verificar la renovación automática
#!/bin/bash
/usr/bin/letsencrypt renew && /etc/init.d/nginx reload