Set up Let's Encrypt

Set up Let's Encrypt

Let's Encryptを使用して無料証明書を発行。

Usage

  • Amazon Linux AMI release 2016.09
  • Nginx/1.10.1

  • Install

    $ git clone https://github.com/letsencrypt/letsencrypt
    $ ./letsencrypt-auto  --debug // you might need
    
  • Publish

    $  ./letsencrypt-auto certonly --webroot -w /path/to/your-web-root -d your.domain
    $  ls /etc/letsencrypt/
    accounts  archive  csr  keys  live  renewal
    
  • Set Up with Nginx

server {
  listen 443 ssl;
  ssl_certificate /etc/letsencrypt/live/your.domain/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/your.domain/privkey.pem;
  ssl_session_cache   shared:ssl:10m;
  ssl_session_timeout 10m;
  ....
}
  • Update certificate
    $ ./letsencrypt-auto renew
    

Refer

Let's Encrypt ユーザーガイド
https://letsencrypt.jp/docs/using.html

nginx_ssl_server_name.md
https://gist.github.com/kenjiskywalker/4698573

Let’s Encryptの証明書をnginxに設定してhttps化した
https://tsuchikazu.net/lets-encrypt-nginx/