Let's encrypt generate free HTTPS certificate Ubuntu+tomcat+nginx+let ' s encrypt

1. Download let ' s encrypt

2. Generate the key, call before you need to stop Nginx

Certbot certonly--standalone-d www. domain name 1.com-d www. domain name 2.com

The build succeeds with the following prompts

IMPORTANT NOTES:-congratulations! Your certificate and chain has been saved   at/etc/letsencrypt/live/"Here is your domain name"/FULLCHAIN.PEM. Your cert   would expire on "here is the expiry time". To obtain a new or tweaked version of this   certificate on the future, simply run Certbot-auto again.   to non-interactively renew *all* of your certificates, run   "Certbot-auto Renew"-If you like Certbot, please cons Ider supporting our work by:    donating-Isrg/let ' s Encrypt:   https://letsencrypt.org/donate   donating to EFF :                    Https://eff.org/donate-le

3. Configure Nginx

Listen 443 ssl;ssl_certificate/etc/letsencrypt/live/"Here is your domain name"/fullchain.pem;ssl_certificate_key/etc/letsencrypt/ live/"Here is your domain"/privkey.pem;ssl_protocols TLSv1 TLSv1.1 tlsv1.2;ssl_prefer_server_ciphers on;ssl_ciphers AES256+ Eecdh:aes256+edh:!anull;listen [::]:443 SSL Ipv6only=on;

4. Restart Nginx

Nginx-s Reload

5. redirect HTTP access to HTTPS

server {        listen;        SERVER_NAME "Here is your domain name";        Rewrite ^ (. *) https://$server _name$1 permanent;}

　　

Let's encrypt generate free HTTPS certificate Ubuntu+tomcat+nginx+let ' s encrypt