9/7/2018

NGINX+HTTPS Follow Up

Many moons ago I wrote a tutorial about how to imbue your NGINX server with SSL using the EFF’s certbot (which you can read here).

Well, by my estimation (from looking at certbot’s release schedule on GitHub) I was using v0.22.2, which is 5 minor releases behind the current 0.27.1 version. And, in my usage of the tool, I’ve found that NGINX mode has come a long way.

Now, all you need to do is have a bare-bones configuration in sites-enabled for certbot to detect, e.g.:

# /etc/nginx/sites-enabled/foo.conf
server {
    listen 80;
    server_name foo.com;
}

Then simply run:

sudo certbot --nginx

and follow the prompts.

certbot will make the necessary changes to the configuration files and install your new certificates in the appropriate locations.

When you need to renew your certificates, simply rerun the command above.