Certbot /
Generating SSL with CertBot and nginx
Requirement
You need to have certbot-nginx plugin installed.
Depending on your machine, Installing certbot
, nginx
, and certbot-nginx
in Debian / Ubuntu could be done with the following:
~ $ sudo apt install nginx certbot python3-certbot-nginx
Writting nginx config
Edit /etc/nginx/conf.d/main.conf
, insert the following:
server { server_name domainname.com; listen 80; listen [::]:80; root "/var/www/htdocs"; }
Replace domainname.com
with your domain.
Generate key
Run:
~ $ certbot --nginx
You will be asked which domain to generate with.
Saving debug log to /var/log/letsencrypt/letsencrypt.log Which names would you like to activate HTTPS for? We recommend selecting either all domains, or all domains in a VirtualHost/server block. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: domainname.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel):
Press 1
, and wait it till finish.
In the end, it will ask you whenever you want to make certbot to configure your nginx to be https-only.
Automatic daily check
Edit root crontab by running the following:
~ # crontab -e
Insert the following, and save it:
30 * * * * certbot -q --nginx --keep-until-expiring --domains domainname.com
Again, change domainname.com
with your domain name.