NGINX Config and SSL Labs Testing


#1

Hey all,

First off, great work on Let’s Encrypt! Love the project.

I’ve have the following in my server block

#Let's Encrypt
ssl_certificate_key /etc/letsencrypt/live/$domain/privkey.pem;
ssl_certificate /etc/letsencrypt/live/$domain/fullchain.pem;
ssl_protocols TLSv1.2;

The files are

[root@server]# ls -lrt
lrwxrwxrwx. 1 root root 43 Dec  5 21:25 privkey.pem -> ../../archive/$domain/privkey5.pem
lrwxrwxrwx. 1 root root 45 Dec  5 21:25 fullchain.pem -> ../../archive/$domain/fullchain5.pem
lrwxrwxrwx. 1 root root 41 Dec  5 21:25 chain.pem -> ../../archive/$domain/chain5.pem
lrwxrwxrwx. 1 root root 40 Dec  5 21:25 cert.pem -> ../../archive/$domain/cert5.pem

I’m getting a Grade B on SSL Labs

Any advise is greatly appreciated.

Thanks


#2

Fixed.

Forgot to restart NGINX.

Silly me…


#3

Good for you! Also, next time don’t forget to remove the fingerprint and pin from your screenshot. Discovering your site using this info is easier than ever.


#4

The certificates issued are public record, so it probably doesn’t matter to remove the fingerprint and pin information.