All threads / Free SSL for Rails and Nginx using Let's Encrypt Discussion

Ask A Question

Notifications

You’re not receiving notifications from this thread.

Free SSL for Rails and Nginx using Let's Encrypt Discussion

Chris Oliver asked in General
Hey Chris! looks like these instructions are no longer working with the latest versions of letsencrypt that use certbot.. do you know how to get it runing with the latest version? I Tried using certbot but couldn't get it to work.

This article needs to be updated. The command given to create the cert does not work at this point of the tutorial. It seems Certbot has changed slightly many steps.

how add subdomain https wildcard?

this is a little bit outdated, and I hope Chris doesnt mind me posting this, this is what you would do on an ubuntu 18.04 and nginx:

sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository universe
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update

then

sudo apt-get install certbot python-certbot-nginx

now create the certificate

sudo certbot --nginx

this will alter your nginx site-enabled/default file, so make a copy and move it outside site-enabled/default to somewhere else safe.

here is a copy of my default file, I modified it a bit to work with action cable

upstream app {
        server 127.0.0.1:3000;
}
server {
    root /var/www/app_name_here/public;
    index index.html index.htm index.nginx-debian.html;
    server_name app_name_here; # managed by Certbot
    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_redirect off;
        proxy_pass http://app;
    #   try_files $uri $uri/ =404;
    }
location /cable {
         proxy_pass http://app;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
             proxy_set_header Connection "Upgrade";
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
             proxy_set_header Host $http_host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-Proto https;
             proxy_redirect off;
    }    

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/app_name_here/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/app_name_here/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /root/dhparams.pem; # managed by Certbot
}
server {
    listen 80 ;
    listen [::]:80 ;
    return 301 https://$host$request_uri;
}

do not copy and paste the default file, its here for you to look at :)
I hope this helps someone, and please if you have any feedback please let me know

Hi, Bozazitz! Thanks for the help out!

Join the discussion

Want to stay up-to-date with Ruby on Rails?

Join 34,885+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.

    logo Created with Sketch.

    Ruby on Rails tutorials, guides, and screencasts for web developers learning Ruby, Rails, Javascript, Turbolinks, Stimulus.js, Vue.js, and more. Icons by Icons8

    © 2020 GoRails, LLC. All rights reserved.