Installing the Certbot Let’s Encrypt Client for NGINX on Amazon Linux 2

-

Installing the Certbot Let’s Encrypt Client

The certbot package is not available through the package manager by default. You will need to enable the EPEL repository to install Certbot.

sudo yum install epel-release
sudo yum install certbot-nginx

Set Up NGINX

certbot can automatically configure NGINX for SSL/TLS. It looks for and modifies the server block in your NGINX configuration that contains a server_name directive with the domain name you’re requesting a certificate for. In our example, the domain is www.mydomain.com.

Assuming you’re starting with a fresh NGINX install, use a text editor to create a file in the /etc/nginx/conf.d directory named domain_name.conf (so in our example, www.mydomain.com.conf).

Specify your domain name (and variants, if any) with the server_name directive:

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    root /var/www/html;
    server_name mydomain.com www.mydoamin.com;
}

Save the file, then run this command to verify the syntax of your configuration and restart NGINX:

$ sudo nginx -t && sudo nginx -s reload

Obtaining a Certificate

To execute the interactive installation and obtain a certificate that covers only a single domain, run the certbot command with:

sudo certbot --nginx -d mydomain.be -d www.mydomain.be

Setting Up Auto Renewal

Edit the crontab to create a new job that will run the renewal twice per day. To edit the crontab for the root user, run:

sudo crontab -e

Add the certbot command to run daily. In this example, we run the command every day at 02.00a.m. . The command checks to see if the certificate on the server will expire within the next 30 days, and renews it if so. The --quiet directive tells certbot not to generate output.

0 2 * * * sudo /usr/bin/certbot renew --quiet

Done!

Buy Me A Coffee

Comments

Post a Comment

Popular posts from this blog

psql: error: connection to server at "localhost" (127.0.0.1), port 5433 failed: ERROR: failed to authenticate with backend using SCRAM DETAIL: valid password not found

-
Image
ERROR psql: error: connection to server at "localhost" (127.0.0.1), port 5433 failed: ERROR: failed to authenticate with backend using SCRAM DETAIL: valid password not found Since Pgpool-II is a PostgreSQL proxy that works between clients and PostgreSQL servers, the authentication comprises two steps: Authentication between client and Pgpool-II Authentication between Pgpool-II and PostgreSQL servers Starting with Pgpool-II 4.0, Pgpool-II supports scram-sha-256 authentication. scram-sha-256 authentication method is strongly recommended because it is the most secure password-based authentication method. Solution 1 If PostgreSQL servers require  MD5  or  SCRAM  authentication for some user’s authentication but the password for that user is not present in  pool_passwd , then enabling  allow_clear_text_frontend_auth  will allow the  Pgpool-II  to use clear-text-password authentication with user to get the password in plain text form from the user ...
Read more

Deploy Nuxt.js app using Apache 2

-
  Deploy your dynamic Nuxt.js app Nuxt.js is an amazing server side rendering application framework for Vue.js. In this article we will see how to deploy Nuxt.js application to AWS instance in universal app mode. Where in Nuxt.js you can choose between Universal, Static Generated or Single Page application. Before we start deploying our dynamic app, if you want just to deploy a static website, you can run this command: npm run generate and it will generate the files and put them in  dist  folder which you can upload to any server you want. But this will not work for universal apps. 1. Build your app To build a ssr app you need to run the following command: npm run build The generated files will not be in the  dist  folder as for the static app, but you can find all generated files in  .nuxt  folder which will be the entry point. 2. Upload to the server There are two ways to do this upload your whole application with the source code or just upload the n...
Read more