...
Before obtaining the certificates ensure that there are two DNS A record for the website name (i.e. demonodepublicdns).
Getting the Certificates (letsencrypt example):
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
root@ubuntu:~# sudo apt-get update root@ubuntu:~# sudo apt-get -y install nginx root@ubuntu:~# wget https://dl.eff.org/certbot-auto root@ubuntu:~# chmod a+x certbot-auto root@ubuntu:~# ./certbot-auto root@ubuntu:~# ./certbot-auto certonly --webroot -w /usr/share/nginx/html -d demonodepublicdns ┌────────────────────────────┐ │ Enter email address (used │ │ for urgent notices and │ │ lost key recovery) │ │ ┌────────────────────────┐ │ │ │xxxx@xxxx.xx │ │ │ └────────────────────────┘ │ ├────────────────────────────┤ │ < OK > <Cancel> │ └────────────────────────────┘ ┌───────────────────────────────────────────────────────────────────┐ │ Please read the Terms of Service at │ │ https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf. │ │ You must agree in order to register with the ACME server at │ │ https://acme-v01.api.letsencrypt.org/directory │ ├───────────────────────────────────────────────────────────────────┤ │ <Agree > <Cancel> │ └───────────────────────────────────────────────────────────────────┘ IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at /etc/letsencrypt/live/demonodepublicdns/fullchain.pem. Your cert will expire on 2016-09-29. To obtain a new or tweaked version of this certificate in the future, simply run letsencrypt-auto again. To non-interactively renew *all* of your certificates, run "letsencrypt-auto renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le root@ubuntu:/opt/letsencrypt# ls /etc/letsencrypt/live/demonodepublicdns/ cert.pem chain.pem fullchain.pem privkey.pem |