, 1 min read
Let's Encrypt Certbot Usage with NGINX
Previously I used lefh
to generate and update Let's Encrypt certificates for the Hiawatha webserver.
Unfortunately, this PHP script no longer works.
Therefore I installed certbot
:
pacman -S certbot-nginx
Updating my domains is like this:
certbot --nginx -d eklausmeier.goip.de,klm.ddns.net,eklausmeier.mywire.org,klmport.no-ip.org,klm.no-ip.org
Its output is roughly
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for eklausmeier.goip.de and 4 more domains
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/eklausmeier.goip.de/fullchain.pem
Key is saved at: /etc/letsencrypt/live/eklausmeier.goip.de/privkey.pem
This certificate expires on 2024-05-19.
These files will be updated when the certificate renews.
Add the first two files in /etc/nginx/nginx.conf
:
ssl_certificate /etc/letsencrypt/live/eklausmeier.goip.de/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/eklausmeier.goip.de/privkey.pem;
Check with nginx -t
.
If all is OK, then restart with systemctl restart nginx
.
Final check is with Qualys SSL Labs: