Security

Install and configure free Let’s Encrypt SSL certificates

by Prasad Domala
by Prasad Domala 0 comment

In this blog you can find the commands I used in the video explaining installation and configuration of Let’s Encrypt Certificates. Please watch the video for a detailed explanation and demo.

Let's Encrypt installation & configuration

Edit Nginx configuration to allow /.well-known/acme-challenge

vim /etc/nginx/sites-available/default
# Add below section
location ^~ /.well-known/acme-challenge/ {
  allow all;
}
# Save and reload nginx
service nginx reload

Install GIT and clone Certbot repository under /opt (or any directory of your choice)

sudo apt install -y git
cd /opt
git clone https://github.com/certbot/certbot

Create certificates for your domain using certbot-auto. Make sure you change your domain name, email address and domain root accordingly

cd /opt/certbot
./certbot-auto certonly --webroot -w /var/www/html -d prasaddomala.me --non-interactive --agree-tos --email prasad.domala@gmail.com

Edit Nginx configuration to enable SSL and add new Let’s Encrypt Certificates. Change the certificate path based on your domain name

vim /etc/nginx/sites-available/default
# Add below lines to the configuration and reload nginx
listen 443 ssl default_server;
ssl_certificate    /etc/letsencrypt/live/prasaddomala.me/fullchain.pem;
ssl_certificate_key    /etc/letsencrypt/live/prasaddomala.me/privkey.pem;
service nginx reload

Certificate renewal

cd /opt/certbot
./certbot-auto renew --webroot -w /var/www/html --force-renewal
0 comment
1
FacebookTwitterPinterestLinkedinRedditWhatsappTelegramEmail

Hey there, I am Prasad Domala. I am a Senior Cloud & DevOps Consultant / Architect. AWS is my passion and I am 5x AWS certified. I am determined in helping customers to excel in their cloud journey. I live in Brisbane with my wife and two amazing kids. Do get in touch !!

Leave a Comment