Ubuntu Nginx installation Certbot (Letsencrypt)

https://certbot.eff.org

To the above site follow the steps to install Certbot,

After the installation is complete, Certbot generates a certificate in two ways

The first type: certonly mode, Certbot will start the own nginx (if the server already has nginx, need to stop the existing nginx) to generate certificates

Certbot certonly--standalone-d example.com-d www.example.com

The second type: Webroot mode,

Certbot will generate random files to the given directory (the Web directory of Nginx configuration)/.well-known/acme-challenge/目录里面，

and generate the certificate through the Nginx validation random file that has been started.

Certbot certonly--webroot-w /usr/local/nginx/html-d logan.ren-d llcv.pw-w /var/www/thing-d thing.i S-d m.thing.is

-W nginx.conf Server configuration of the Web directory, both generating a directory of randomly verified files

-D nginx.conf in server_name;

Finally, if you want to renew

Certbot Renew--dry-run

= = above Certbot complete, the following is about the installation of Nginx =

Install Nginx before installing the required components

sudo Install libpcre3 libpcre3-dev libpcrecpp0 libssl-dev Zlib1g-dev

Download Nginx

wget http://nginx.org/download/nginx-1.13.0.tar.gz

Decompression Nginx

tar -zxvf nginx-1.13. 0. tar. gz

Compiling Nginx

./configure--with-http_ssl_module

Make && make install

or a custom configuration

./configure \
--sbin-path=/opt/nginx/nginx \
--conf-path=/opt/nginx/nginx.conf \
--pid-path=/opt/nginx/nginx.pid \
--with-http_ssl_module \
--with-pcre=/usr/local/src/pcre \
--with-zlib=/usr/local/src/zlib \
--with-openssl=/usr/local/src/openssl

Make && make install

Start Nginx

Soft-chain Nginx Ln -s/usr/local/nginx/sbin/nginx/usr/local/bin/nginx start Nginx

To view ports:

Netstat-ano|grep 80

To see if a module is installed

Dpkg-l | grep openss

nginx.conf Configuration

Server {Listen the;        server_name Logan.ren LLCV.PW WWW.LLCV.PW; Location~ /{proxy_pass http://logan.ren:5050;} Location^~/.well-known/acme-challenge/{Default_type"Text/plain"; Root/usr/local/nginx/html} Location=/.well-known/acme-challenge/{return404; }} server {Listen443SSL;        server_name Logan.ren, LLCV.PW; Ssl_certificate/etc/letsencrypt/live/logan.ren/Fullchain.pem; Ssl_certificate_key/etc/letsencrypt/live/logan.ren/Privkey.pem; Ssl_trusted_certificate/etc/letsencrypt/live/logan.ren/Chain.pem; # Ssl_dhparam/etc/nginx/tls1.2/Dhparam.pem; Ssl_protocols TLSv1 TLSv1.1TLSv1.2; # ssl_ciphers"Eecdh+aesgcm:edh+aesgcm:aes256+eecdh:aes256+edh"; Location/www/{root/opt/llc/www/LLCV;        Index index.html; } Location~ /{proxy_pass http://logan.ren:5050;        }    }

Ubuntu Nginx installation Certbot (Letsencrypt)