Category Archives: Hosting

How to force or redirect to SSL in nginx? – Server Fault

This is the correct and most efficient way if you want to keep it all in one server block:

server {
listen 80;
listen [::]:80;
listen 443 default_server ssl;

server_name www.example.com;

ssl_certificate /path/to/my/cert;
ssl_certificate_key /path/to/my/key;

if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
}

Source: How to force or redirect to SSL in nginx? – Server Fault

How to renew SSL certificate from Lets-encrypt when your website is using cloudflare | GyanBlog

Try pausing Cloudflare before running this:

VIA COMMAND LINE
For this, you need ssh access of your web server. Open terminal, and type command:

certbot certonly -d example.com -d ~www.example.com

(put your website in place of example.com, remove the ~ symbol from above line)

It will ask for putting webroot path. Write down the path of your documentRoot.

https://pastebin.com/embed_iframe/h12HFmYs

How would you like to authenticate with the ACME CA?

1: Apache Web Server plugin - Beta (apache)
2: Place files in webroot directory (webroot)

3: Spin up a temporary webserver (standalone)

Select the appropriate number [1-3] then [enter] (press 'c' to cancel): 2
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for example.com
http-01 challenge for www.example.com

Select the webroot for example.com:

1: Enter a new webroot

Press 1 [enter] to confirm the selection (press 'c' to cancel): 1
Input the webroot for gyanbyte.com: (Enter 'c' to cancel):/var/www/example/

Select the webroot for www.example.com:

1: Enter a new webroot

2: /var/www/example/

Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Waiting for verification...
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/0004_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0004_csr-certbot.pem

IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/example.com/fullchain.pem. Your cert will
expire on 2017-10-20. To obtain a new or tweaked version of this
certificate in the future, simply run certbot again. To
non-interactively renew all of your certificates, run "certbot
renew"
- If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le

Source: How to renew SSL certificate from Lets-encrypt when your website is using cloudflare | GyanBlog