OG-Dev - Certbot Давайте зашифруем Nginx Ubuntu/Debian

27.09.2021 | 666 | SQL

Certbot Давайте зашифруем Nginx Ubuntu/Debian

We put certbot

apt install certbot

Checking the possibility of receiving:

certbot certonly --webroot -w /var/www/site.com/public -d site.com --dry-run

If everything is fine, we make a request for a certificate (without --dry-run):

certbot certonly --webroot -w /var/www/site.com/public -d site.com

If there are errors, read carefully, for example, this is about the absence of an IP address for the specified domain:
Detail: During secondary validation: No valid IP addresses found

We register the certificate in the site config for the web server:

... server { server_name site.com www.site.com; listen *:443 ssl;  ssl_certificate /etc/letsencrypt/live/site.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/site.com/privkey.pem; ...

Restarting the web server:

systemctl restart nginx.service

We add an auto-update check to the scheduler once a week:

crontab -e 37 3 * * 2 certbot renew

← Back

Certbot Let's encrypt Nginx Ubuntu

Comments (0)