ssl-setup

Intro

This setup Is only applicable for Nginx, this guide assumes you have nginx running. If you have more than one domain, or you have a subdomain, just repeat the same command by replacing example.com with sub.example.com.

I used acme.sh to issue and install the certificates, so this guide is meant for that tool. The version of acme.sh used in this guide is "3.0.8"

Download acme.sh in your remote machine

curl https://get.acme.sh | sh -s email=my@example.com

Copy nginx config files

for sample check nginx-conf directory, the deploy.sh script does most of things.

Run the acme.sh to issue a certificate for the particular domain in your remote machine

acme.sh --server letsencrypt  --issue --nginx -d mana.nex.bio -w /var/www/mana.nex.bio/

Setup dirs for keys to be installed in remote machine

mkdir -p /etc/nginx/certs/example.com

Install the keys in remote machine

Do modify the reload command as per your service manager, i was on systemd. This command also setups the cron tab for you.

  acme.sh --install-cert -d mana.nex.bio \
--key-file       /etc/nginx/certs/mana.nex.bio/key.pem  \
--fullchain-file /etc/nginx/certs/mana.nex.bio/cert.pem \
--reloadcmd     "systemctl reload nginx"