NGINX Config and SSL Labs Testing


Hey all,

First off, great work on Let’s Encrypt! Love the project.

I’ve have the following in my server block

#Let's Encrypt
ssl_certificate_key /etc/letsencrypt/live/$domain/privkey.pem;
ssl_certificate /etc/letsencrypt/live/$domain/fullchain.pem;
ssl_protocols TLSv1.2;

The files are

[root@server]# ls -lrt
lrwxrwxrwx. 1 root root 43 Dec  5 21:25 privkey.pem -> ../../archive/$domain/privkey5.pem
lrwxrwxrwx. 1 root root 45 Dec  5 21:25 fullchain.pem -> ../../archive/$domain/fullchain5.pem
lrwxrwxrwx. 1 root root 41 Dec  5 21:25 chain.pem -> ../../archive/$domain/chain5.pem
lrwxrwxrwx. 1 root root 40 Dec  5 21:25 cert.pem -> ../../archive/$domain/cert5.pem

I’m getting a Grade B on SSL Labs

Any advise is greatly appreciated.




Forgot to restart NGINX.

Silly me…


Good for you! Also, next time don’t forget to remove the fingerprint and pin from your screenshot. Discovering your site using this info is easier than ever.


The certificates issued are public record, so it probably doesn’t matter to remove the fingerprint and pin information.