Encryption is hard. Let's Encrypt makes it extremely easy. How easy? You can have an SSL certificate for your nginx site in under 10 minutes.
$ git clone https://github.com/letsencrypt/letsencrypt
$ cd letsencrypt
$ ./letsencrypt-auto --help
$ # Shut down nginx temporarily
$ service stop nginx
$ # Generate a cert
$ ./letsencrypt-auto certonly --standalone --email me@email.com -d mydomain.com
You can add multiple domains by supplying multiple -d
parameters.
Open your site's nginx configuration and add the following:
listen 443 ssl;
server_name mydomain.com; # Replace with your domain
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
Just start your server and test the connection.
$ service nginx start
Let's Encrypt is awesome. In less than 10 minutes I was serving this website via sweet, sweet 256-bit encryption and now you should be able to do the same for your sites. Get going!
Questions or comments about this article? Let me know at tommylackemann [at] gmail [dot] com
Tom is the founder of Astral TableTop. He's a homebrewer, hiker, and has an about page. Follow @tlackemann on Twitter for more discussions like this.