Let's Encrypt

Creating Certificate

  • apt-get install git
  • systemctl stop nginx
  • git clone https://github.com/letsencrypt/letsencrypt
  • cd letsencrypt/
  • Run this command
    ./letsencrypt-auto certonly --email stwn@domain.or.id --agree-tos -d stwn.domain.or.id

    Choose “3 Automatically use a temporary webserver (standalone)”.

  • nano /etc/nginx/sites-enabled/stwn.domain.or.id
    server {
        listen  80;
        server_name stwn.domain.or.id;
        return 301 https://$server_name$request_uri;
}

server {
        listen  443;
        server_name stwn.domain.or.id;
        ssl_certificate /etc/letsencrypt/live/stwn.domain.or.id/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/stwn.domain.or.id/privkey.pem
}
  • systemctl start nginx

Renewing Certificate

Stop nginx, use the same command in previous section, and start again nginx. That's all.

 
doc/letsencrypt.txt · Last modified: 2016/09/06 01:36 by stwn · [Old revisions]
Recent changes RSS feed Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki