Update SSL Certificates

Update SSL Certificates

by John Vincent


Posted on March 1, 2017


This is part of a series of discussions regarding Deploying to a Digital Ocean Droplet. For more details, please see Overview of johnvincent.io website

Update SSL Certificates

For details on creating the SSL certificates, please see SSL Certificates - Let’s Encrypt & Nginx

Auto Renewal

This is great when it works. Usually there is trouble.

cd tmp
sudo letsencrypt renew

If it works, you are all done. Else, read on.

Use Nginx with HTTP only

cd tmp
enable-http

Or, in more details...

See "Enable Server Blocks" in Configure non-SSL Nginx at Digital Ocean

Remove server configurations

cd  /etc/nginx/sites-enabled
sudo rm *

Notice the commands:

sudo ln -s /etc/nginx/sites-available/http/...

Execute all of those commands.

Restart Nginx

sudo nginx -t
sudo systemctl restart nginx

Use letsencrypt

cd tmp
encrypt-ssl

Or, for more details...

See "Add SSL for Domain and Subdomains" in SSL Certificates - Let’s Encrypt & Nginx

Notice the commands:

sudo letsencrypt certonly……..

Copied here for ease of use:

sudo letsencrypt certonly -a webroot --webroot-path=/var/www/johnvincent.io/html -d johnvincent.io -d www.johnvincent.io

sudo letsencrypt certonly -a webroot --webroot-path=/var/www/test.com/html -d test.johnvincent.io -d www.test.johnvincent.io

sudo letsencrypt certonly -a webroot --webroot-path=/var/www/ghost/html -d ghost.johnvincent.io -d www.ghost.johnvincent.io

sudo letsencrypt certonly -a webroot --webroot-path=/var/www/linkedin/html -d linkedin.johnvincent.io -d www.linkedin.johnvincent.io

Execute all of those commands.

Use Nginx with HTTPs only

cd tmp
enable-https

Or, for more details...

See "Enable Server Blocks" in Configure SSL Nginx at Digital Ocean

Remove server configurations

cd  /etc/nginx/sites-enabled
sudo rm *

Notice the commands:

sudo ln -s /etc/nginx/sites-available/https/...

Execute all of those commands.

Restart Nginx

sudo nginx -t
sudo systemctl restart nginx

Test SSL Certificates

See "Test SSL Certificates" in Configure SSL Nginx at Digital Ocean

Notice the commands:

https://www.ssllabs.com/ssltest/analyze.html?d=

Execute all of those commands.