Differences
This shows you the differences between two versions of the page.
blocks:server:nginx [2025-09-15 12:14] – [Acquire Let's Encypt certificates using DNS-01 challenge] mattias | blocks:server:nginx [2025-09-15 13:19] (current) – [Acquire Let's Encypt certificates using DNS-01 challenge] mattias | ||
---|---|---|---|
Line 101: | Line 101: | ||
- You can't use the automatic " | - You can't use the automatic " | ||
- | ====Acquire Let's Encypt certificates using DNS-01 challenge==== | ||
- | This outlines the principle steps to set up automatic certificate renewals on an internal server. | ||
- | For this to work the server must have internet access. Digital ocean will be used as example here but the same principles apply to many major dns providers.. | ||
- | Make sure you have a blocks system that works over http before attempting to att secure content over https. | ||
- | |||
- | For DNS-01 challange to work on must use a DNS provider that has api access and a plugin that can make use of that api and work with the Let's Encypts cerbot. | ||
- | |||
- | ===Principle steps=== | ||
- | |||
- | Outline of the steps involved: | ||
- | |||
- | - | ||
- | - | ||
- | - | ||
- | - | ||
- | - Create a file to store the api token or secret. Typically stored in an .ini file under / | ||
- | - make sure the necessary cert-bot plugin is installed. Follow the dns providers instructions. | ||
- | - run the certbot | ||
- | - Configure nginx to handle the incoming requests the way you want. | ||
- | |||
- | ===Example of using Digital Ocean as dns provider=== | ||
- | - At the domain name registrar, configure the domain to use Digital Oceans nameservers. | ||
- | - | ||
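Review bot: The whole "Acquire Let's Encypt certificates using DNS-01 challenge" section is deleted from line 101 onward with nothing added on the right-hand side, so the page loses its only statement of the prerequisites (the server needs internet access, and the DNS provider needs API access plus a matching certbot plugin). If the text was moved to its own page, leave a one-line link under the remaining list item so readers setting up an internal server can still find it. Wherever the section ends up, the step "Create a file to store the api token or secret" should also say who may read that file, for example owned by the account that runs certbot with mode 600, since the token can edit the domain's DNS records. The same pass is a good time to fix the spellings "Encypt", "cerbot" and "challange" in the heading and body.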