Skip to main content

Free SSL for Rails and Nginx using Let's Encrypt Discussion

General • Asked by Chris Oliver
Hey Chris! looks like these instructions are no longer working with the latest versions of letsencrypt that use certbot.. do you know how to get it runing with the latest version? I Tried using certbot but couldn't get it to work.

This article needs to be updated. The command given to create the cert does not work at this point of the tutorial. It seems Certbot has changed slightly many steps.


how add subdomain https wildcard?


this is a little bit outdated, and I hope Chris doesnt mind me posting this, this is what you would do on an ubuntu 18.04 and nginx:

sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository universe
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update

then

sudo apt-get install certbot python-certbot-nginx

now create the certificate

sudo certbot --nginx

this will alter your nginx site-enabled/default file, so make a copy and move it outside site-enabled/default to somewhere else safe.

here is a copy of my default file, I modified it a bit to work with action cable

upstream app {
        server 127.0.0.1:3000;
}
server {
    root /var/www/app_name_here/public;
    index index.html index.htm index.nginx-debian.html;
    server_name app_name_here; # managed by Certbot
    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_redirect off;
        proxy_pass http://app;
    #   try_files $uri $uri/ =404;
    }
location /cable {
         proxy_pass http://app;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
             proxy_set_header Connection "Upgrade";
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
             proxy_set_header Host $http_host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-Proto https;
             proxy_redirect off;
    }    

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/app_name_here/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/app_name_here/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /root/dhparams.pem; # managed by Certbot
}
server {
    listen 80 ;
    listen [::]:80 ;
    return 301 https://$host$request_uri;
}

do not copy and paste the default file, its here for you to look at :)
I hope this helps someone, and please if you have any feedback please let me know


Login or Create An Account to join the conversation.

Subscribe to the newsletter

Join 24,647+ developers who get early access to new screencasts, articles, guides, updates, and more.

    By clicking this button, you agree to the GoRails Terms of Service and Privacy Policy.

    More of a social being? We're also on Twitter and YouTube.