Question

How To Secure Nginx with Let's Encrypt on for a subdomain

Posted November 10, 2018 14.9k views
DNS Ubuntu 18.04

I have followed this tutorial to secure nginx with lets encrypt for this domain and sub domain example.com and www.example.com (my domain instead of example)

Now I have another sub domain something.example.com, it’s pointing to my VPS and I created an ngnix server block to serve static content for it. Now how do I use python-certbot-nginx package to secure the new sub domain?

Add a comment
markadell
By:
markadell
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

3 answers
InnovationCollider March 16, 2019

Hey, I discovered that there is a handy certbot cli command (works on ubuntu 16.04)
simply type:

certbot

Gives you something like that:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx

Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: [editted]
2: [editted]
3: [editted]
4: [editted]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Reply Report
aurl978 November 10, 2018

Hi !
If you have create your vhost to your subdomain, you have just to do this command :

Install Certbot :

sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
./letsencrypt-auto certonly --standalone

Certificate your subdomain :

sudo ./certbot-auto certonly --standalone -d sub.domain.com

It works fine for me. Don’t forget to restart nginx : 

service nginx reload
Reply Report
  • markadell November 10, 2018

    Is there a way to do it with python-certbot-nginx package?

    Reply Report
    • aurl978 November 10, 2018

      I suppose you have a Debian 9 machine,
      So you can do this : 

      sudo certbot -a dns-plugin -i nginx -d sub.domain.com --server https://acme-v02.api.letsencrypt.org/directory

      Other way, you can follow this helper :
      https://certbot.eff.org/lets-encrypt/debianstretch-nginx

      Reply Report
      • markadell November 10, 2018

        No I’m on I’m on Ubuntu 18.04

        This is the command I used to setup setup SSL certificate for the other domain

        sudo certbot --nginx -d example.com -d www.example.com

        The problem is I’m kind of scared of trial and error now because the server is serving around 500 concurrent users so I don’t want to cause any problem that would lead to a down time.

        Reply Report
        • aurl978 November 10, 2018

          Ubuntu and Debian are about the same.

          The creation of a SSL certificate doesn’t give any problems for all of your users.

          The root path of your website don’t change, Certbot add new lines automaticly in your .conf file.

          When I dev an Angular app, the only way who gives me a down time is when I rebuild my project, but when I created a SSL certificate, it doesn’t affect my website accessibility.

          Reply Report
netdevv July 1, 2019

Guys I can’t access my subdomain on http, its shows on https. Here are my nginx config.

listen 80 default_server;
Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help