Let’s Encrypt in Nginx

Recently, I wanted to put my new web project online. I need to change it from http server to https server. And I totally forgot how I obtained the certification from let’s encrypt before.

I’m sure that I would forget it again after a few months, so let’s take note of it.

We need to use certbot to obtain and manage the certification. The detailed instruction is at https://certbot.eff.org/instructions. You can choose the software for web deployment and the OS you used on this web page to see the instruction.

Since I use Nginx on my mac mini as the server for web deployment, I would only talk about it in this article.

We need to use homebrew to install certbot.

$ brew install certbot

I assume you already set up the http server for your project. If you need the detail of the basic settings of Nginx, you can see the article I wrote before. https://medium.com/@xdxxxx4713/basic-settings-of-nginx-aeace532534f

$ sudo certbot run

type 2 to use Nginx

choose the website you want to activate https

And certbot would auto modify your Nginx config, which is pretty annoying. Usually, I would set my config as follows.

To manually renew, just type

$ sudo certbot renew

Also, there's an instruction to set up automatic renewal on the above certbot instruction website.

Since I don’t know this method before, I wrote a python script for auto renew.

It would renew the certifications every 10 days.