Monthly Archives: mars 2016

SSL certificates with letsencrypt

Get it

cd /opt
git clone https://github.com/letsencrypt/letsencrypt.git
cd letsencrypt

Generate certificates

./letsencrypt-auto certonly --webroot -w /var/www/domain.com/web/ -d domain.com -d www.domain.com

Result, certificates are here:

/etc/letsencrypt/live/domain.com/

Config web server:

ssl on;
ssl_certificate /etc/letsencrypt/live/domain.com/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;

Restart web server.
Add cron task to automate certificate renewal:

00 00 1 * * /opt/letsencrypt/letsencrypt-auto certonly --renew-by-default --webroot -w /var/www/domain.com/ -d domain.com -d www.domain.com >> /var/log/letsencrypt_domain.com.log