Tag Archives: SSL

Securing Nginx with Let’s Encrypt on Ubuntu 16.04

First we need to install certbot utility:

apt-get install software-properties-common
add-apt-repository ppa:certbot/certbot
apt-get update
apt-get install python-certbot-nginx

After that, we can easily generate SSL certificates for all the domains listed in Nginx ‘server_name’ attributes in alive (working) virtual hosts. The examples are:

certbot --nginx certonly -d slogpost.ru -d www.slogpost.ru
certbot --nginx certonly -d psiholog-s-vami.ru -d www.psiholog-s-vami.ru
certbot certonly --nginx --cert-name sharlines.com -d sharlines.com -d www.sharlines.com
certbot certonly --nginx --cert-name developernote.com -d developernote.com -d www.developernote.com -d comprice.developernote.com -d herb.developernote.com -d mastermag.developernote.com -d pechat.developernote.com -d geographx.developernote.com -d geographx.net -d www.geographx.net -d xn--80aajg7ac1agj.xn--p1ai -d www.xn--80aajg7ac1agj.xn--p1ai -d xn--80acc2atiigge7h.xn--p1ai -d www.xn--80acc2atiigge7h.xn--p1ai -d xn--80ajbrkbljkdjhf7k4a.xn--p1ai -d www.xn--80ajbrkbljkdjhf7k4a.xn--p1ai -d doc.developernote.com -d git.developernote.com -d gitweb.developernote.com
certbot --nginx certonly -d milomag.ru,www.milomag.ru,xn--80agwdbl3g.xn--p1ai,www.xn--80agwdbl3g.xn--p1ai

We cannot use wildcard domains line *.developernote.com with Let’s Encrypt, so we should list all the subdomains. And I do not see anything wrong in combining multiple domains in a single certificate.

(more…)