Nginx ssl config without changing virtualhost config

I’m setting up a Docker container with nginx; however, I want to have full control of the main virtualhost config instead of having the nginx installer edit my virtualhost. Is it possible to have certbot only generate and keep updated the /etc/letsencrypt/options-ssl-nginx.conf and /etc/letsencrypt/ssl-dhparams.pem files so I can reference them?

Use certbot certonly.

Unfortunately that only generates the certs; the ssl configs and ssl dhparams aren’t there.

Ah, makes sense, because those files are webserver specific. And without using a specific webserver plugin, it won’t place those files in the letsencrypt directory.

It seems however, using the plugin as installer isn’t necessary, if I read the source correctly, just triggering the plugin by using it as authenticator is enough:

See the install_ssl_options_conf function.

The nginx authenticator, however, does temporarily modify your nginx configuration, but not permanently, for the validation of the challenges. You can specify this instead of the webroot authenticator by using -a nginx.

I think I’ll end up using the config file that exists in the package folder, as we can’t use nginx for authorization (we use DNS validation because we have IP whitelisting on the http/https ports).
Thanks for trying @Osiris

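A pre-start check for the situation in this thread, as an added example that is not part of the original posts or of certbot: it lists the files a hand-maintained vhost references that are absent, such as the ssl options and dhparams files after `certbot certonly`. The function names, the optional root prefix, `example.com` and the sample vhost are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: report files that a hand-written nginx vhost references
# but that do not exist, e.g. the ssl options after `certbot certonly`.

# tls_refs CONF: print the argument of every include/ssl_* file directive.
tls_refs() {
    sed 's/#.*//' "$1" | tr ';{}' '\n\n\n' | tr -d "\"'" | awk '
        $1 ~ /^(include|ssl_dhparam|ssl_certificate|ssl_certificate_key|ssl_trusted_certificate)$/ { print $2 }'
}

# missing_tls_refs CONF [ROOT]: print referenced absolute paths missing under
# ROOT (assumed optional prefix, e.g. an unpacked image; default is /).
missing_tls_refs() {
    conf=$1
    root=${2:-}
    tls_refs "$conf" | while IFS= read -r p; do
        case $p in
            *'*'*|*'?'*) continue ;;   # include globs: not checked here
            /*) [ -e "$root$p" ] || printf '%s\n' "$p" ;;
        esac
    done
}

# demo: constructed sample vhost in a temp root holding only the cert and key.
demo() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/letsencrypt/live/example.com"
    : > "$d/etc/letsencrypt/live/example.com/fullchain.pem"
    : > "$d/etc/letsencrypt/live/example.com/privkey.pem"
    cat > "$d/vhost.conf" <<'EOF'
server {
    listen 443 ssl;
    server_name example.com;
    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    include     /etc/letsencrypt/options-ssl-nginx.conf;  # absent after certonly
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
EOF
    missing_tls_refs "$d/vhost.conf" "$d"
    rm -rf "$d"
}

# Stand-alone use: sh check.sh /etc/nginx/conf.d/site.conf
if [ $# -gt 0 ]; then missing_tls_refs "$@"; fi
```

Run it in the container entrypoint before starting nginx and refuse to start while it prints anything.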