How i did SSL with let's encrypt for free

I use ubuntu v14 on vps machine. I have couple nodejs scripts running with pm2. I use https server inside js files:

const app = require('express')();

const fs = require('fs');
var privateKey = fs.readFileSync('/etc/letsencrypt/live/domain.com/privkey.pem'); // privatekey.pem
var certificate = fs.readFileSync('/etc/letsencrypt/live/domain.com/cert.pem'); // certificate.pem
var chain = fs.readFileSync('/etc/letsencrypt/live/domain.com/fullchain.pem'); // certificate.pem
const https = require('https').Server({
  key: privateKey,
  cert: certificate,
  ca: chain}, app);


In nginx i use this:

    server {
      listen 443 ssl;

      server_name domain.com www.domain.com;

     ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;

      keepalive_timeout 10;

      location /.well-known/acme-challenge/ {
        alias /var/www/challenges/;
        try_files $uri =404;
      }

      location / {
          proxy_redirect off;
          proxy_set_header   X-Real-IP         $remote_addr;
          proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
          proxy_set_header   X-Forwarded-Proto $scheme;
          proxy_set_header   Host              $http_host;
          proxy_set_header   X-NginX-Proxy     true;
          proxy_set_header   Connection        "";
          proxy_pass         http://pm2upstream;
     }



    }


Tried different guides and failed.

This worked:

  1. wget https://dl.eff.org/certbot-auto
  2. chmod a+x ./certbot-auto
  3. service nginx stop
  4. ./certbot-auto certonly  & follow instructions, use auto server
  5. reboot 0     // i hear you screaming about this, best wishes, sys admins

No comments:

Post a Comment

You can ask IT questions in comments!