certbot (example: home.immegeers.be)

On PC-BUREAU:

open command prompt with administrator rights and execute:

cd C:\Certbot
certbot certonly --manual -d home.immegeers.be

reply:

Create a file containing just this data:

nezT56qSROyM3FkNkACSiCxivgI5Bwi_ZaWthlCWf1A.Lp5FwfklW_CO3xzIdBaBbW2R2GgQB0mccmfH_vC9Em0

And make it available on your web server at this URL:

http://home.immegeers.be/.well-known/acme-challenge/nezT56qSROyM3FkNkACSiCxivgI5Bwi_ZaWthlCWf1A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue

create the file nezT56qSROyM3FkNkACSiCxivgI5Bwi_ZaWthlCWf1A and add nezT56qSROyM3FkNkACSiCxivgI5Bwi_ZaWthlCWf1A.Lp5FwfklW_CO3xzIdBaBbW2R2GgQB0mccmfH_vC9Em0 as content of that file

copy that file to the home server (e.g. by using One Drive and downloading the file with Firefox into /home/eric/Downloads)

On the home server:

disable the Nginx configuration for home.immegeers.be :

cd /etc/nginx/sites-enabled
sudo rm home.immegeers.be

add the file nezT56qSROyM3FkNkACSiCxivgI5Bwi_ZaWthlCWf1A to the Nginx home directory for static files:

cd /var/www/html/.well-known/acme-challenge
sudo cp /home/eric/Downloads/nezT56qSROyM3FkNkACSiCxivgI5Bwi_ZaWthlCWf1A .

restart the Nginx server:

sudo service nginx restart

go back to the command prompt on PC-BUREAU and press enter to continue. Reply:

Waiting for verification...
Cleaning up challenges
←[1m
IMPORTANT NOTES:
←[0m - Congratulations! Your certificate and chain have been saved at:
   C:\Certbot\live\home.immegeers.be\fullchain.pem
   Your key file has been saved at:
   C:\Certbot\live\home.immegeers.be\privkey.pem
   Your cert will expire on 2022-07-12. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot
   again. To non-interactively renew *all* of your certificates, run
   "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

copy the files generated in the folder C:\Certbot\live\home.immegeers.be to the home server (e.g. by using One Drive and downloading the files with Firefox into /home/eric/Downloads)

add the generated files to the Nginx folder containong all certificates:

cd /etc/nginx/ssl
sudo cp /home/eric/Downloads/*.pem .

save the old certificates for home.immegeers.be to the folder old:

cd old
sudo rm home.immegeers.*
cd ..
sudo mv home.immegeers.* old

rename the new generated files:

sudo mv cert.pem home.immegeers.be.cert.pem
sudo mv chain.pem home.immegeers.be.chain.pem
sudo mv fullchain.pem home.immegeers.be.fullchain.pem
sudo mv privkey.pem home.immegeers.be.privkey.pem

enable the Nginx configuration for home.immegeers.be and restart Nginx:

cd /etc/nginx/sites-enabled
sudo ln -s ../sites-available/home.immegeers.be home.immegeers.be
sudo service nginx restart

certbot & Nginx

see: https://www.nginx.com/blog/using-free-ssltls-certificates-from-lets-encrypt-with-nginx/

© by Eric, 2022 - 2026. All Rights Reserved. Built with Typemill.