Hello,
Currently I generated the certificates and everything is working fine.
- I generated SAN certificates in server A using docker run cmd and certificates are generated in /etc/letsencrypt/live/$domain
- Stored those certificates in server B(Repo server)
- Then copy those certificates from server B to server C(its our production server)
Can someone help me to elaborate how to effectively manage the certificates. currently I am doing this
- When the certificates are to be expired , a certificate renew request is sent to letsencrypt and receive the new certificates.
- Again copy those certificates to Server B
- Stop NGINX in server C , copy the cert from server B and then start nginx again
The above looks bit cumbersome . Can someone share how they managed in the production environment
My domain is:
quantiply.com
I ran this command:
docker run -it --rm -v /docker-volumes/etc/letsencrypt:/etc/letsencrypt -v /docker-volumes/var/lib/letsencrypt:/var/lib/letsencrypt -v /docker/letsencrypt-docker-nginx/src/letsencrypt/letsencrypt-site:/data/letsencrypt -v “/docker-volumes/var/log/letsencrypt:/var/log/letsencrypt” certbot/certbot certonly --webroot --agree-tos --no-eff-email --webroot-path=/data/letsencrypt -d $host_name -d
It produced this output:
Congratulations. Certificates generated successfully
My web server is (include version):
nginx -1.14.2-1.el7_4
The operating system my web server runs on is (include version):
CentOS Linux release 7.6.1810
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
0.29.1