Nowadays, you can easily get a free SSL certificate but you have to manually/automatically renew it every 90 days.
To apply for a certificate, you have to verify your domain – either by email of your domain, place a file on your server (which can be public accessed), or modify the DNS record.
If your DNS has configured CAA records, you need to remove them or add specific records allowing a SSL provider to issue the certificates on your domain.
Once the certificates are issued, you will see the following files:
- ca_bundle.crt
- certificate.crt
- private.key
You need to combine two CRTs into one:
1 | cat certificate.crt ca_bundle.crt >> certificate.crt |
cat certificate.crt ca_bundle.crt >> certificate.crt
Then in Nginx server, add the following in server block:
listen 443; ssl on; ssl_certificate /etc/ssl/certificate.crt; ssl_certificate_key /etc/ssl/private.key;
Last but not least, restart the nginx server.
1 2 3 | sudo /etc/init.d/nginx restart # or sudo service nginx restart |
sudo /etc/init.d/nginx restart # or sudo service nginx restart
To get free SSL/HTTPS certificates, you can choose one of the following:
- https://letsencrypt.org/
- https://sslforfree.com/
–EOF (The Ultimate Computing & Technology Blog) —
loading...
Last Post: Design: How to Solve 503 Error of API when Resources are not available?
Next Post: How to Compute Running Sum of 1d Array using std::partial_sum in C++?