How to install nginx plugin?


#1

I follow install guide so cloning https://github.com/letsencrypt/letsencrypt
I should install letsencrypt-nginx but find no doc to do it.
And this is confirmd by letsencrypt-auto --nginx which detects letsencrypt-nginx not installed.
So where is the doc to install it ?

Thanks
PC


#2

The only method I discovered was to use the manual method. Were you able to figure anything out?


#3

The webroot method works quite well.

Add to your config:

location ~ .well-known/acme-challenge/ {
    root /var/www/letsencrypt;
    default_type text/plain;
}

Then you can use --webroot --webroot-path /var/www/letsencrypt for all your domains.


#4

Yes, this is the good way with :

/path/to/letsencrypt/letsencrypt-auto --config www.myweb.fr.conf certonly

with www.myweb.fr.conf :
(here I have removed the comments)

rsa-key-size = 4096
email = myemail@mywweb.fr
domains = www.myweb.fr
text = True
authenticator = webroot
webroot-path = /tmp/letsencrypt-auto

and as you indicate in nginx config for http://www.myweb.fr :

location ~ .well-known/acme-challenge/ {
root /tmp/letsencrypt-auto;
default_type text/plain;
}

I have created /tmp/letsencrypt-auto directory but maybe it is not necessary.
I have executed letsencrypt-auto from a sudoer but not as root.


#5

As it has not been clear for me, I add that the purpose of webroot is to easily allow letsencrypt to check that you are the “authority” for the site you are asking a certificate for.


#6

nginx config as mentioned. Make sure, every location / for any subdomain in your nginx config has this snippet.
I have no full example here, as my configs are too complicated to make a good example.

The commandline was:

letsencrypt certonly --email your@mail -d domain -d www.domain --webroot --webroot-path /var/www/letsencrypt/

this makes sure, you do not need to adapt the webroot-path for each domain and the config snippet is always the same.


#7

Meanwhile, cli letsencrypt has been renamed to certbot. Use the following command to install the nginx plugin:

$ sudo apt install python-certbot-nginx