Encryption is hard. Let’s Encrypt makes it extremely easy. How easy? You can have an SSL certificate for your nginx site in under 10 minutes.
1. Install Let’s Encrypt
$ git clone https://github.com/letsencrypt/letsencrypt $ cd letsencrypt $ ./letsencrypt-auto --help
2. Obtain a Certificate
$ # Shut down nginx temporarily $ service stop nginx $ # Generate a cert $ ./letsencrypt-auto certonly --standalone --email firstname.lastname@example.org -d mydomain.com
You can add multiple domains by supplying multiple
3. Update Nginx Configuration
Open your site’s nginx configuration and add the following:
listen 443 ssl; server_name mydomain.com; # Replace with your domain ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
Just start your server and test the connection.
$ service nginx start
Let’s Encrypt is awesome. In less than 10 minutes I was serving this website via sweet, sweet 256-bit encryption and now you should be able to do the same for your sites. Get going!
Questions or comments about this article? Let me know at tommylackemann [at] gmail [dot] com