This is the blog of Will Badart.

Archive Series Tags Feed


07 Sep 2018

Many moons ago I wrote a tutorial about how to imbue your NGINX server with SLL using the EFF’s certbot (which you can read here).

Well, by my estimation (from looking at certbot’s release schedule on GitHub) I was using v0.22.2, which is 5 minor releases behind the current 0.27.1 version. And, in my usage of the tool, I’ve found that NGINX mode has come a long way.

Now, all you need to do is have a bare-bones configuration in sites-enabled for certbot to detect, e.g.:

# /etc/nginx/sites-enabled/foo.conf
server {
    listen 80;

Then simply run:

$ sudo certbot --nginx

and follow the prompts.

certbot will make the necessary changes to the configuration files and install your new certificates in the appropriate locations.

When you need to renew your certificates, simply rerun the command above.

Recent posts:

Next post: Coffee Log 05
Previous post: Coffee Log 04