-
Notifications
You must be signed in to change notification settings - Fork 97
2 CentOS 7 additional improvements
This article assumes you've completed the previous articles. These instructions were modified from DigitalOcean.
The following instructions are used to manually setup letsencrypt
and automatically integrate with nginx
.
- Install our Lets Encrypt client.
$ sudo yum install -y certbot-nginx
- Generate our certificate.
$ sudo certbot --nginx -d academicstoday.io -d www.academicstoday.io
-
Follow the instructions and choose the most appropriate options.
-
(Optional) Please make a copy of the
/etc/letsencrypt
file. -
Restart
nginx
.
$ sudo systemctl restart nginx
-
Upgrade the security by following the instructions - https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-centos-7. Please see the Step 5 — Updating Diffie-Hellman Parameters section.
-
Restart the server.
$ sudo systemctl restart nginx
-
Would you like to know more?
https://certbot.eff.org/lets-encrypt/centosrhel7-nginx.html
sudo crontab -e
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && /usr/bin/certbot renew && systemctl restart nginx
If your SSL is not being populated at your address then follow these.
Enter the following URL to your browser.
https://www.ssllabs.com/ssltest/analyze.html?d=academicstoday.io