Saturday, 9 June 2018

Generating free server ssl certificate using letsencrypt

Generating and maintaining SSL certificates is costly and time-consuming.  Thanks to the letsencrypt, we can generate SSL certificate free of cost and in the really easy way.

For generating web certificates for apache or nginx we have awesome tool certbot, hence I will not bother writing anything about it. All steps needed for certbot are available here.

For generating SSL certificate with custom key size below are the steps
Let's generate a certificate for domain rnd.njoshi.com.

  1.  Make sure http://rnd.njoshi.com is reachable
  2.  For this I installed nginx
    • #mkdir -p /usr/share/nginx/html/.well-known/acme-challenge
  3. Downlaod letsencrypt-auto script
    • #curl -o letsencrypt-auto https://raw.githubusercontent.com/certbot/certbot/master/letsencrypt-auto-source/letsencrypt-auto
  4. Generate the certificate
    • ./letsencrypt-auto certonly --agree-tos --rsa-key-size 4096 --renew-by-default -m youremail@gmail.com --webroot -w /usr/share/nginx/html -d rnd.njoshi.com
  5. We have freshly minted certificate at /etc/letsencrypt/live/rnd.njoshi.com/

No comments:

Post a Comment