date

Generating letsencrypt certificates without stopping your webserver

1. Create a simple shell script like this

`cert-req.sh`

certbot -n --agree-tos -d $1 -m $2 certonly \
  --standalone --cert-name $1 --preferred-challenges http \
  --http-01-port 4080 --no-eff-email --keep-until-expiring \
  --rsa-key-size 4096

Here:

$1: domain that you want to issue the certificate for
$2: Your email address

This script when invoked as follows:

`./cert-req.sh example.com mail@example.com example.org`

requests a certificate with example.com as the CNs. It can be extended to ask for and add more CNs to the certificate.¹

2. nginx needs to have this config

`/etc/nginx/sites-enabled/plain`

server {
  listen 80;
  location ^~ /.well-known/acme-challenge/ {
    proxy_pass http://127.0.0.1:4080;
  }

  location / {
    rewrite ^ https://$http_host$request_uri? permanent;
  }
}

Footnotes

Certbot user guide: https://certbot.eff.org/docs/using.html ↩

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

le-cert-req.md

le-cert-req.md

Generating letsencrypt certificates without stopping your webserver

1. Create a simple shell script like this

`cert-req.sh`

`./cert-req.sh example.com mail@example.com example.org`

2. nginx needs to have this config

`/etc/nginx/sites-enabled/plain`

Files

le-cert-req.md

Latest commit

History

le-cert-req.md

File metadata and controls

Generating letsencrypt certificates without stopping your webserver

1. Create a simple shell script like this

cert-req.sh

./cert-req.sh example.com mail@example.com example.org

2. nginx needs to have this config

/etc/nginx/sites-enabled/plain

Footnotes

`cert-req.sh`

`./cert-req.sh example.com mail@example.com example.org`

`/etc/nginx/sites-enabled/plain`