Note: This is primarily for me to remember doing these steps, If it benefits someone else then great =).
In this example I will be listing out the steps to install SSL on https://crowdslike.com
Step 1
We will need to SSH into our machine. In our case its an EC2 instance.
ssh -i your.pem ec2-user@domain.com
Step 2
Installing Certbot. Head over to their documentation to get the instructions. They may vary depending on your machines operating system. We will be installing certbot-auto.
Step 3
We will need to stop our server. In our case we are running NGINX.
service nginx stop
Step 4
Here we will run the certbot command to generate our new certificate. The command will ask you a few questions along the way.
./certbot-auto certonly --standalone -d domain.com --no-bootstrap
If you see the congratulations message then you have made it. Now we will need to copy these two lines for later usage.
/etc/letsencrypt/live/<domain_name>/fullchain.pem /etc/letsencrypt/live/<domain_name>/privkey.pem
Step 5
Now, we will update our NGINX config and add SSL support. Below is a simple config setup.
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name _;
ssl on;
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;
add_header Strict-Transport-Security “max-age=31536000”;
This pill is authentic and plays a 50mg viagra sale crucial part of this role is cultivating and maintaining a shared vision (Lashway, Leithwood and colleagues, Lipton and Melamede). There are many factors that can disturb blood pressure, yet exact cause for hypertension is levitra ordering not known. The substance fixing utilized as a part of this medication under the instructed ways will make your life successful in the most fulfilling way! To start strengthening your manifesting muscles this week, start each viagra generika more info here day with this one manifesting workout. These causes include high blood pressure, cholesterol, obesity, discount order viagra diabetes, arteriosclerosis amongst others. root /var/www/html;
index index.html index.htm index.nginx-debian.html;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/html$fastcgi_script_name;
include fastcgi_params;
}
}
We need to restart our NGINX sever.
service nginx start
Step 6
Let’s setup auto-renewal of our certificate. Certbot certificates last 30 days. The cron will run every night at 1 am.
Create a file: /home/certbot-renew.sh Add lines: #!/bin/bash sudo service nginx reload Make it executable: chmod +x /home/certbot-renew.sh Edit cron: sudo crontab -e Add line 0 1 * * * ./certbot-auto renew --noninteractive --renew-hook /home/certbot-renew.sh
To check that the cronjob was saved, you can run the command below.
crontab -l