M2: Installing certbot

During setup and installation of the server for M2 I found that it wouldn’t run on an insecure IP address but requires an FQDN with a valid SSL certificate. So I registered a .dev domain, because, well, why not.

Just for full disclosure’s sake, here’s the path for this:

  • Registered domain
  • Updated DNS to point to the newly reserved IP address for the M2 server
  • Installed certbot:
sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository universe
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install certbot python-certbot-nginx
  • Generate Diffie-Hellman (DH) parameters:
sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
  • Set the correct hostnames in the nginx server block so certbot can match the domain:
sudo nano /etc/nginx/sites-available/example.com
server {
    listen 80;
    listen [::]:80;

    root /var/www/example.com/public_html;

    index index.html;

    server_name example.com www.example.com;

    access_log /var/log/nginx/example.com.access.log;
    error_log /var/log/nginx/example.com.error.log;

    location / {
        try_files $uri $uri/ =404;
    }
}
  • Create a catch-all symlink for enabled sites in nginx and restart nginx:
sudo rm -rf /etc/nginx/sites-enabled/*
sudo ln -s /etc/nginx/sites-available/* /etc/nginx/sites-enabled
sudo service nginx restart
  • Run certbot:
sudo certbot --nginx certonly
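
Because certonly only obtains the certificate and leaves the nginx configuration untouched, neither the certificate nor the dhparam.pem generated earlier is used until a TLS server block references them. The block below is an added example, not part of the original post; it assumes certbot's default /etc/letsencrypt/live/ layout, a certificate name of example.com, and a protocol list chosen here for illustration.

```nginx
# Added example: HTTPS server block for /etc/nginx/sites-available/example.com,
# placed alongside the existing port-80 block.
server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name example.com www.example.com;

    root /var/www/example.com/public_html;
    index index.html;

    # Certificate chain and private key written by "certbot certonly".
    # Assumption: the certificate name is example.com (see "sudo certbot certificates").
    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    # DH parameters generated in the earlier openssl dhparam step.
    # Without this directive nginx does not offer DHE cipher suites,
    # and the 2048-bit file is never read.
    ssl_dhparam /etc/ssl/certs/dhparam.pem;

    # Assumption: only TLS 1.2 and 1.3 are needed by clients.
    # TLSv1.3 requires nginx 1.13+ built against OpenSSL 1.1.1; drop it on older builds.
    ssl_protocols TLSv1.2 TLSv1.3;

    access_log /var/log/nginx/example.com.access.log;
    error_log  /var/log/nginx/example.com.error.log;

    location / {
        try_files $uri $uri/ =404;
    }
}
```

Check the syntax with sudo nginx -t before restarting nginx, since a wrong certificate path will stop the service from starting.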
