Let's Encrypt in 10 minutes

Posted on December 22, 2015 in nginx, encryption, security

Encryption is hard. Let's Encrypt makes it extremely easy. How easy? You can have an SSL certificate for your nginx site in under 10 minutes.

1. Install Let's Encrypt

$ git clone https://github.com/letsencrypt/letsencrypt
$ cd letsencrypt
$ ./letsencrypt-auto --help

2. Obtain a Certificate

$ # Shut down nginx temporarily
$ service stop nginx

$ # Generate a cert
$ ./letsencrypt-auto certonly --standalone --email me@email.com -d mydomain.com

You can add multiple domains by supplying multiple -d parameters.

3. Update Nginx Configuration

Open your site's nginx configuration and add the following:

listen 443 ssl;
server_name mydomain.com; # Replace with your domain
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;

4. Done

Just start your server and test the connection.

$ service nginx start


Let's Encrypt is awesome. In less than 10 minutes I was serving this website via sweet, sweet 256-bit encryption and now you should be able to do the same for your sites. Get going!

Questions or comments about this article? Let me know at tommylackemann [at] gmail [dot] com

Thomas Lackemann :)


Tom is the founder of Astral TableTop. He's a homebrewer, hiker, and has an about page. Follow @tlackemann on Twitter for more discussions like this.