Cerbot
- Gaspar
Certbot - SSL Certificate
Having an SSL certificate ensures a secure connection between users and the server, and that no data is compromised while it is traveling over the internet. This allows users to connect using HTTPS protocol over port 443.
This guide assumes the server already has a domain and the necessary DNS record/s have been created. Also we are assuming Ngnix is installed
Open ports 80 and 443, belonging to HTTP and HTTPS respectively. Port 22 is also required.
Connect via SSH to the server with a user with sudo privileges.
Install Certbot
sudo snap install --classic certbotPrepare the Certbot command
sudo ln -s /snap/bin/certbot /usr/bin/certbotGenerate the certificate, this will also automatically edit the nginx configuration to serve it.
sudo certbot --nginxCertbot will ask some questions, like an email to send notifications about certificate renewals.
After the initial questions, Certbot will ask for the domain names to issue the certificate. It will try to access the server over port 80 using the domain name, so the DNS records must be already configured.
Test that Certbot is capable of renewing the certificate, otherwise after a couple of months it will expire and users will lose access to the services.
Official installation guide: Certbot Instructions
Official documentation: https://eff-certbot.readthedocs.io/en/stable/
The screenshot is an example of dev.p2zwe.psidigital.org.conf domain. Use the proper domain when you do the installation