Skip to content

Instantly share code, notes, and snippets.

@sanrandry

sanrandry/tets encribpt dist tmp.md

Created August 4, 2020 05:02
Show Gist options
  • Save sanrandry/5d7fd5143b79368f94b229268a616d67 to your computer and use it in GitHub Desktop.
Save sanrandry/5d7fd5143b79368f94b229268a616d67 to your computer and use it in GitHub Desktop.
Download ZIP
tets encribpt dist tmp
Raw
tets encribpt dist tmp.md
  1. https://certbot.eff.org/

sudo apt-get update sudo apt-get install software-properties-common sudo add-apt-repository ppa:certbot/certbot sudo apt-get update sudo apt-get install python-certbot-nginx

  1. Auto, works when you have one virtual server on nginx

  2. manual, or if you have multiple virtual servers under nginx sudo letsencrypt certonly -a webroot --webroot-path=/usr/share/nginx/website.com/ -d website.com

  3. Edit nginx config to add ssl entries

  • Add redirect to https in port 80 block return 301 https://$host$request_uri;

  • Add a new block for port 443 server { server_name website.com; listen 443 ssl; listen [::]:443 ssl; root /usr/share/nginx/website.com; index index.php index.html index.htm;

    ssl_certificate /etc/letsencrypt/live/website.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/website.com/privkey.pem; }

  1. sudo nginx -t

  2. sudo service nginx restart

server { listen 80; listen [::]:80; server_name www.website.com *.website.com; return 301 https://$host$request_uri; root /usr/share/nginx/website.com; }

server { server_name website.com; listen 443 ssl; listen [::]:443 ssl; root /usr/share/nginx/website.com; index index.php index.html index.htm;

ssl_certificate /etc/letsencrypt/live/website.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/website.com/privkey.pem; }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment