Certbot Let's encrypt Nginx Ubuntu

27.09.2021 | 380 | SQL

Certbot Давайте зашифруем Nginx Ubuntu/Debian

We put certbot
apt install certbot
Checking the possibility of receiving:
certbot certonly --webroot -w /var/www/site.com/public -d site.com --dry-run
If everything is fine, we make a request for a certificate (without --dry-run):
certbot certonly --webroot -w /var/www/site.com/public -d site.com
If there are errors, read carefully, for example, this is about the absence of an IP address for the specified domain:
Detail: During secondary validation: No valid IP addresses found

We register the certificate in the site config for the web server:
... server { server_name site.com www.site.com; listen *:443 ssl;  ssl_certificate /etc/letsencrypt/live/site.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/site.com/privkey.pem; ...
Restarting the web server:
systemctl restart nginx.service
We add an auto-update check to the scheduler once a week:
crontab -e 37 3 * * 2 certbot renew

← Back

Comments (0)