Search notes:

Installing a Let's Encrypt certificate for nginx

After installing certbot etc, I was able to install a Let's Encrypt certificate for a virtual nginx server like shown here:

Preparation (in a shell)

domain=renenyffenegger.ch
subdomain=…
servername=$subdomain.$domain
mailaddress=mail@$domain

Create a new nginx virtual server:

sudo sh -c "echo 'server {
    listen 80;
    listen [::]:80;
    server_name $servername;
}' > /etc/nginx/conf.d/$servername.conf"

# sudo certbot -m $mailaddress --agree-tos --nginx -d $servername --test-cert
sudo   certbot -m $mailaddress --agree-tos --nginx -d $servername

Certbot writes something like

> Saving debug log to /var/log/letsencrypt/letsencrypt.log
> Requesting a certificate for ….renenyffenegger.ch
> 
> Successfully received certificate.
> Certificate is saved at: /etc/letsencrypt/live/….renenyffenegger.ch/fullchain.pem
> Key is saved at:         /etc/letsencrypt/live/….renenyffenegger.ch/privkey.pem
> This certificate expires on …
> These files will be updated when the certificate renews.
> Certbot has set up a scheduled task to automatically renew this certificate in the background.
> 
> Deploying certificate
> Successfully deployed certificate for ….renenyffenegger.ch to /etc/nginx/conf.d/….renenyffenegger.ch.conf
> Congratulations! You have successfully enabled HTTPS on https://….renenyffenegger.ch

TODO

Make this virtual server a proxy server by including the following snippet into /etc/nginx/conf.d/$servername.conf:

location / {
   proxy_pass http://localhost:8888;
   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header X-Forwarded-Proto $scheme;
}

Index

Fatal error: Uncaught PDOException: SQLSTATE[HY000]: General error: 8 attempt to write a readonly database in /home/httpd/vhosts/renenyffenegger.ch/php/web-request-database.php:51 Stack trace: #0 /home/httpd/vhosts/renenyffenegger.ch/php/web-request-database.php(51): PDOStatement->execute(Array) #1 /home/httpd/vhosts/renenyffenegger.ch/php/web-request-database.php(66): id_of(Object(PDO), 'uri', '/notes/developm...') #2 /home/httpd/vhosts/renenyffenegger.ch/php/web-request-database.php(30): insert_webrequest_('/notes/developm...', 1759399815, '216.73.216.42', 'Mozilla/5.0 App...', NULL) #3 /home/httpd/vhosts/renenyffenegger.ch/httpsdocs/notes/development/security/cryptography/SSL-TLS/Lets-Encrypt/install-certificate-for-nginx(78): insert_webrequest() #4 {main} thrown in /home/httpd/vhosts/renenyffenegger.ch/php/web-request-database.php on line 51