Automatically renew SSL/TLS certificates for all websites using Let's Encrypt and Certbot.
apt-get update &&
apt-get install -y certbot python-certbot-nginxcertbot run -a webroot -i nginx --webroot --webroot-path /var/www/letsencrypt/ -d mywebsite.com -d www.mywebsite.comcertbot delete --cert-name example.comRenewal config files are created in etc/letsencrypt/renewal after the first certificate request. Auto-renewal runs via cron:
/etc/cron.d/certbot
If nginx is acting as a reverse proxy and the web root lives on another server, add a local directory for the challenge and this location block in your nginx .conf:
location /.well-known/acme-challenge {
root /var/www/letsencrypt;
try_files $uri $uri/ =404;
}
H@ppy H@cking