Hello, I'm using nginx within docker, so I've installed certbot on the host machine and used certbot certonly
along with the dns-digitalocean plugin to generate my certs. It's working well, except I get a B rating on ssl labs. I believe this is because I'm missing the optional-ssl-nginx.conf
and ssl-dhparams.pem
bits from my nginx config. How do I get certbot to generate these and keep them up to date, without it trying to modify my nginx config or running the nginx binary? (It can't because nginx is inside a docker container). I was hoping to simply include the lines in my nginx config, like:
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
Is my only option to copy them from the certbot source code (here and here)? They're small files but I worry they'll get stale.
My domain is:
29th.xyz
My web server is (include version):
Technically it's nginx, but it's running in a docker container, so there is no nginx
binary on the host machine.
The operating system my web server runs on is (include version):
Ubuntu 18.04.3 LTS
My hosting provider, if applicable, is:
Digital Ocean
I can login to a root shell on my machine (yes or no, or I don't know):
Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):
1.9.0