Correctly Install SSL , nginx in CLI


#1

I’ve posted letsencrypt and webmin packages. on this post

Now, I’m posting alternative way of command line.

  1. edit your vhost nginx conf file

let your vhost conf is /etc/nginx/sites-available/example.com.conf
adds “.well-known/acme-challenge/” directory location

server {
 …
   location ~ .well-known/acme-challenge/ {
     root /var/www/example.com/webroot;
     default_type text/plain;
   } 
  …
}
  1. run letsencrypt commands.

letsencrypt certonly --email yourid@example.com -d example.com -d www.example.com --webroot --webroot-path /var/www/example.com/webroot

  1. After command certonly , conf will exist : /etc/letsencrypt/renewal/example.com.conf
    And SSL key , cert file are located following links.

    root@dev:~# ls -l /etc/letsencrypt/live/example.com/
    total 0
    lrwxrwxrwx 1 root root 40 Dec 17 23:31 cert.pem -> …/…/archive/example.com/cert3.pem
    lrwxrwxrwx 1 root root 41 Dec 17 23:31 chain.pem -> …/…/archive/example.com/chain3.pem
    lrwxrwxrwx 1 root root 45 Dec 17 23:31 fullchain.pem -> …/…/archive/example.com/fullchain3.pem
    lrwxrwxrwx 1 root root 43 Dec 17 23:31 privkey.pem -> …/…/archive/example.com/privkey3.pem
    root@dev:~#

  2. Edit Nginx Vhost conf for SSL certi and key

    Server {

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    }


#2

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.