First time here? Check out the FAQ!

Revision history  [back]

  1. Follow the tutorial on certbot website depend on your operation system.
    For my nginx on Ubuntu 16.04 it is:

    $ sudo apt-get install letsencrypt

    $ letsencrypt certonly --webroot -w /home/s930029/GospelForum -d ldstw.org -d www.ldstw.org

    This command will obtain a single cert for ldstw.org, www.ldstw.org.

  2. According to How To Secure Nginx with Let's Encrypt on Ubuntu 16.04

Add some code your your nginx configuration.

server {
        . . .

        location ~ /.well-known {
                allow all;
        }

        . . .
}

For my website, it is:

server {
        listen 80;
        server_name ldstw.org www.ldstw.org;
        return    301 https://$server_name$request_uri;
}
server {
        listen 443;
        server_name ldstw.org www.ldstw.org;
        ssl on;
        ssl_certificate /etc/letsencrypt/live/ldstw.org/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/ldstw.org/privkey.pem;
        add_header Strict-Transport-Security max-age=31536000;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        location /.well-known/acme-challenge {
        root /home/s930029/GospelForum;
        }

        location / {
        include         uwsgi_params;
        uwsgi_pass      unix:/home/s930029/GospelForum/askbot.sock;
   }
}

And make sure to use $sudo chwon s930029:www:data askbot.sock after you restart nginx