Skip to content

Instantly share code, notes, and snippets.

@bertolo1988
Forked from davestevens/LetsEncrypt.md
Created July 30, 2017 00:50
Show Gist options
  • Save bertolo1988/b4b5933b12a8a45300d3508719f95b9e to your computer and use it in GitHub Desktop.
Save bertolo1988/b4b5933b12a8a45300d3508719f95b9e to your computer and use it in GitHub Desktop.
Let’s Encrypt setup for Apache, NGINX & Node.js

Let's Encrypt

Examples of getting certificates from Let's Encrypt working on Apache, NGINX and Node.js servers.

Obtain certificates

I chose to use the manual method, you have to make a file available to verify you own the domain. Follow the commands from running

git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto certonly --manual --email [email protected] -d example.com

This creates a directory: /etc/letsencrypt/live/example.com/ containing certificate files:

  • cert.pem
  • chain.pem
  • fullchain.pem
  • privkey.pem

Node.js

var https = require('https');
var fs = require('fs');

var options = {
  key: fs.readFileSync('/etc/letsencrypt/live/example.com/privkey.pem'),
  cert: fs.readFileSync('/etc/letsencrypt/live/example.com/cert.pem'),
  ca: fs.readFileSync('/etc/letsencrypt/live/example.com/chain.pem')
};

https.createServer(options, function (req, res) {
  res.writeHead(200);
  res.end("hello world\n");
}).listen(8000);

Apache

LoadModule ssl_module libexec/apache2/mod_ssl.so
Listen 443
<VirtualHost *:443>
  ServerName example.com
  SSLEngine on
  SSLCertificateFile "/etc/letsencrypt/live/example.com/cert.pem"
  SSLCertificateKeyFile "/etc/letsencrypt/live/example.com/privkey.pem"
  SSLCertificateChainFile "/etc/letsencrypt/live/example.com/chain.pem"
</VirtualHost>

NGINX

server {
    listen              443 ssl;
    server_name         example.com;
    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment