Free SSL certificates! This not a mirage. Follow this instructions step by step and you will be able to secure all your running projects for free.
About let’s encrypt: let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit.
Installation and Usage
wget https://dl.eff.org/certbot-auto mv certbot-auto /usr/local/sbin/ chmod a+x /usr/local/sbin/certbot-auto
Generate the first certificate:
certbot-auto certonly -a webroot --webroot-path=/srv/www/zeldor.biz -d zeldor.biz
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/zeldor.biz/
NGINX configuration
ssl_certificate /etc/letsencrypt/live/zeldor.biz/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/zeldor.biz/privkey.pem;
Apache configuration
SSLCertificateFile "/etc/letsencrypt/live/zeldor.biz/fullchain.pem" SSLCertificateKeyFile "/etc/letsencrypt/live/zeldor.biz/privkey.pem"
Postfix configuration
smtpd_tls_cert_file=/etc/letsencrypt/live/zeldor.biz/fullchain.pem smtpd_tls_key_file=/etc/letsencrypt/live/zeldor.biz/privkey.pem smtp_tls_cert_file=/etc/letsencrypt/live/zeldor.biz/fullchain.pem smtp_tls_key_file=/etc/letsencrypt/live/zeldor.biz/privkey.pem
Dovecot configuration
File: /etc/dovecot/conf.d/10-ssl.conf
ssl_cert = </etc/letsencrypt/live/mail.zeldor.com/fullchain.pem ssl_key = </etc/letsencrypt/live/mail.zeldor.com/privkey.pem ssl_ca = </etc/letsencrypt/live/mail.zeldor.com/chain.pem ssl_dh = </etc/dovecot/dh.pem
Now check with SSL labs the overall SSL-security for your domain.
Sources
- Let’s Encrypt Logo from the official website
Leave a Reply