Install certificate as seen in tutorial
- Go to ACME Github repo
- Download ACME install script and run it. This creates
acme.sh mkdir ~/pub && cd ~/pub && python3 -m http.server 8000- In
~/pub/: put the following intonginx.conf:
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://172.17.0.1:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
then run: docker run -p 80:80 -v $(pwd)/nginx.conf:/etc/nginx/conf.d/default.conf:ro nginx
- To get a new certificate: Run
./acme.sh --issue -d loic.lescoat.me -d www.loic.lescoat.me -w ~/pub/ --server letsencrypt. Replace the-darguments as required. To update an existing certificate: Runacme.sh --renew -d loic.lescoat.me [-d lescoat.me] [--force]. - Stop HTTP server
- In
nginx, passacme’sfull-chain cert(full-chain certificate) tossl_certificateand thecert key(private key) tossl_certificate_key:
server {
listen 0.0.0.0:443 ssl;
listen [::]:443 ssl;
ssl_certificate /path/to/fullchain.cer;
ssl_certificate_key /path/to/loic.lescoat.me.key;
...
}