====== Let's Encrypt ======

===== Creating Certificate =====

  * apt-get install git
  * systemctl stop nginx
  * git clone https://github.com/letsencrypt/letsencrypt
  * cd letsencrypt/
  * Run this command<code>./letsencrypt-auto certonly --email stwn@domain.or.id --agree-tos -d stwn.domain.or.id</code>Choose "3 Automatically use a temporary webserver (standalone)".
  * nano /etc/nginx/sites-enabled/stwn.domain.or.id<code>server {
        listen  80;
        server_name stwn.domain.or.id;
        return 301 https://$server_name$request_uri;
}

server {
        listen  443;
        server_name stwn.domain.or.id;
        ssl_certificate /etc/letsencrypt/live/stwn.domain.or.id/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/stwn.domain.or.id/privkey.pem
}</code>
  * systemctl start nginx

===== Renewing Certificate =====
Stop nginx, use the same command in previous section, and start again nginx. That's all.