Earlier today @bmw announced the release of Certbot 0.9.0, which includes a lot of new features.https://community.letsencrypt.org/t/certbot-0-9-0-released/?source_topic_id=20693
One important feature is an alpha version of the nginx plugin, which helps you configure nginx servers automatically in the same ways as Certbot’s apache plugin does with Apache servers. The nginx plugin is still experimental, but we’ve tested it with a variety of configurations and it seems to be working.
We’d love to get feedback from Certbot users (or prospective users) who have nginx setups and are willing to experiment. When installing Certbot 0.9.0 (for example, via the
certbot-auto method, or using
pip and also requesting
certbot-nginx), you can now specify
certbot --nginx on the command line to indicate that you’d like to use the nginx integration. (Because nginx support is still in alpha test, you’ll have to specify this explicitly; Certbot won’t yet automatically suggest configuring your nginx server for you.)
As @bmw put it,
This plugin fully automates the process of obtaining and installing certificates with Nginx. Additionally, it is able to automatically configure security enhancements such as an HTTP to HTTPS redirect and OCSP stapling. To use this plugin, you must have the
certbot-nginxpackage installed (which is installed automatically when using
certbot-auto) and provide
--nginxon the command line. This plugin is still in its early stages so we recommend you use it with some caution and make sure you have a backup of your Nginx configuration.
I would also note that if you have an existing certificate installed in your nginx server but obtained via a different method (such as
--webroot), you may be able to switch that certificate lineage over to use the nginx plugin with
--nginx --force-renew -d one.example.com -d two.example.com -d three.example.com, but this isn’t yet proven to work and you could conceivably end up with a duplicative certificate in some circumstances.
If you’re up for trying the new plugin, please let us know about your experiences!