Question

How To Secure Nginx with Let's Encrypt on for a subdomain

Posted November 10, 2018 14.9k views
DNS Ubuntu 18.04

I have followed this tutorial to secure nginx with lets encrypt for this domain and sub domain example.com and www.example.com (my domain instead of example)

Now I have another sub domain something.example.com, it’s pointing to my VPS and I created an ngnix server block to serve static content for it. Now how do I use python-certbot-nginx package to secure the new sub domain?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

3 answers

Hey, I discovered that there is a handy certbot cli command (works on ubuntu 16.04)
simply type:

certbot

Gives you something like that:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx

Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: [editted]
2: [editted]
3: [editted]
4: [editted]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):

Hi !
If you have create your vhost to your subdomain, you have just to do this command :

Install Certbot :

sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
./letsencrypt-auto certonly --standalone

Certificate your subdomain :

sudo ./certbot-auto certonly --standalone -d sub.domain.com

It works fine for me. Don’t forget to restart nginx :

service nginx reload
  • Is there a way to do it with python-certbot-nginx package?

    • I suppose you have a Debian 9 machine,
      So you can do this :

      sudo certbot -a dns-plugin -i nginx -d sub.domain.com --server https://acme-v02.api.letsencrypt.org/directory
      

      Other way, you can follow this helper :
      https://certbot.eff.org/lets-encrypt/debianstretch-nginx

      • No I’m on I’m on Ubuntu 18.04

        This is the command I used to setup setup SSL certificate for the other domain

        sudo certbot --nginx -d example.com -d www.example.com

        The problem is I’m kind of scared of trial and error now because the server is serving around 500 concurrent users so I don’t want to cause any problem that would lead to a down time.

        • Ubuntu and Debian are about the same.

          The creation of a SSL certificate doesn’t give any problems for all of your users.

          The root path of your website don’t change, Certbot add new lines automaticly in your .conf file.

          When I dev an Angular app, the only way who gives me a down time is when I rebuild my project, but when I created a SSL certificate, it doesn’t affect my website accessibility.

Guys I can’t access my subdomain on http, its shows on https. Here are my nginx config.

listen 80 default_server;
Submit an Answer