Skip to content

Latest commit

 

History

History
53 lines (37 loc) · 1.25 KB

ssl-certificates-using-letsencrypt.md

File metadata and controls

53 lines (37 loc) · 1.25 KB
Raw
layout
title description tableOfContents outline pagination
visible
true
visible
visible
true
visible
true
visible
true

Generate SSL Certificates using Letsencrypt

This document guides you to generate and renew SSL certificates using letsencrypt.

Procedure

The steps to generate SSL certificates are given below.

  • Install letsencrypt and certbot.
sudo apt install certbot
  • Generate Certificate.
sudo certbot certonly --agree-tos --manual --preferred-challenges=dns -d *.openg2p.sandbox.net -d openg2p.sandbox.net
  • Since the preferred challenge is DNS type, the above command asks for _acme-challenge. Create the _acme-challenge TXT DNS record accordingly, and continue with the above prompt to generate certs.
  • The generated certs must be present in /etc/letsencrypt directory.

Renew certificates

  • Run the same generate certs command to renew certs.
sudo certbot certonly --agree-tos --manual --preferred-challenges=dns -d *.openg2p.sandbox.net -d openg2p.sandbox.net
  • The above command generates a new pair of certificates. The DNS challenge needs to be performed again, as prompted.
  • Restart Nginx 
sudo systemctl restart nginx