User Tools

Site Tools


guides:install:nginx_ssl_letsencrypt

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

guides:install:nginx_ssl_letsencrypt [2016/04/16 18:11] (current)
michaelc created
Line 1: Line 1:
 +====== Setup Nginx with SSL using LetsEncrypt ======
  
 +<​code>​
 +sudo apt-get install git
 +git clone https://​github.com/​letsencrypt/​letsencrypt
 +cd letsencrypt
 +</​code>​
 +
 +Stop nginx
 +<​code>​
 +sudo service nginx stop
 +</​code>​
 +
 +Check nginx is stopped
 +<​code>​
 +netstat -na | grep ':​80.*LISTEN'​
 +</​code>​
 +
 +Create ssl certs using letsencrypt
 +<​code>​
 +./​letsencrypt-auto certonly --standalone
 +</​code>​
 +
 +You will be prompted to provide email address, accept the ToC and to provide the domainname ​
 +the domainname for the cert.
 +
 +You can find your certificate in **/​etc/​letsencrypt/​live**
 +
 +Update your nginx server config file
 +
 +<​code>​
 +server {
 +   ​listen ​        80;
 +   ​server_name ​   www.example.com;​
 +   
 +   [...]
 +   
 +}
 +
 +server {
 +   ​listen 443 ssl;
 +   ​server_name www.example.com;​
 +
 +   ssl on;
 +   ​ssl_certificate /​etc/​letsencrypt/​live/​yourdomainname/​fullchain.pem;​
 +   ​ssl_certificate_key /​etc/​letsencrypt/​live/​yourdomainname/​privkey.pem;​
 +   ​ssl_session_timeout 5m;
 +   ​ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
 +   ​ssl_ciphers '​EECDH+AESGCM:​EDH+AESGCM:​AES256+EECDH:​AES256+EDH';​
 +   ​ssl_prefer_server_ciphers on;
 +   ​ssl_session_cache shared:​SSL:​10m;​
 +
 +   [...]
 +   
 +}
 +</​code>​
guides/install/nginx_ssl_letsencrypt.txt · Last modified: 2016/04/16 18:11 by michaelc