I had to teach myself how to renew an SSL certificate today. It was decently easy. It was done on a Linux EC2 machine, so assume bash and Ubuntu for all these commands. I’ll keep this as mostly the commands themselves.

I had to do a bunch of stuff outside of the command, check a bunch of locations, set up some inbound rules, and the like, but all of that is AWS-specific, and needed to be done because I didn’t initially set up the server. The final commands that I used were the following:

sudo systemctl stop nginx
sudo certbot certonly --standalone -d host.name.com
sudo systemctl start nginx

The server was using nginx as the web server doing the rerouting from HTTP to HTTPS, etc. A bunch of stuff I still don’t know. I’ll add more to this page later as I learn new stuff. Just need to make sure I note this down and don’t lose it.

The actual command that was critical was certbot certonly. This generated the new certificates, using the service Let’s Encrypt. Before using this method, you need to make sure that their APIs can actually reach your website and that it is open to the public internet. For me, this meant punching a very big hole in the firewall (setting inbound rules to allow 0.0.0.0/0 on port 80 and port 443, for both HTTP and HTTPS).
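
One way to wrap the three commands above for unattended runs (an added example, not part of the original note): it renews only when the current certificate has fewer than 30 days left, and it starts nginx again even if certbot fails. The function names, the 30-day threshold, the `--non-interactive` flag and the `/etc/letsencrypt/live/` path (certbot's default layout) are assumptions; GNU date is required.

```bash
#!/usr/bin/env bash
# Added example, not from the original note. Requires GNU date (Ubuntu default).

# Print whole days from NOW_EPOCH (default: now) until an openssl-style
# notAfter date such as "Jan 11 00:00:00 2025 GMT".
days_left() {
    local not_after="$1" now_epoch="${2:-$(date +%s)}" end_epoch
    # An empty string would be parsed by date as "today", so reject it.
    [ -n "$not_after" ] || return 2
    end_epoch=$(date -u -d "$not_after" +%s 2>/dev/null) || return 2
    echo $(( (end_epoch - now_epoch) / 86400 ))
}

# Exit 0 if fewer than THRESHOLD_DAYS remain, 1 if not, 2 on a bad date.
# Arguments: NOT_AFTER THRESHOLD_DAYS [NOW_EPOCH]
needs_renewal() {
    local left
    left=$(days_left "$1" "${3:-$(date +%s)}") || return 2
    [ "$left" -lt "$2" ]
}

# Renew HOST with the standalone authenticator, as in the commands above.
renew_standalone() {
    local host="$1" rc=0 status=0 not_after
    # Certbot's default location for the current certificate (assumption).
    local cert="/etc/letsencrypt/live/$host/cert.pem"
    not_after=$(sudo openssl x509 -in "$cert" -noout -enddate | cut -d= -f2)
    needs_renewal "$not_after" 30 || status=$?   # 30 days is an assumption
    case $status in
        1) echo "$host: 30 or more days left, nothing to do"; return 0 ;;
        2) echo "$host: could not read expiry from $cert" >&2; return 2 ;;
    esac
    sudo systemctl stop nginx       # standalone mode needs port 80 free
    sudo certbot certonly --standalone --non-interactive -d "$host" || rc=$?
    sudo systemctl start nginx      # always bring the site back up
    return "$rc"
}

# Run only when asked, e.g.:  ./renew.sh --run host.name.com
if [ "${1:-}" = "--run" ]; then
    renew_standalone "${2:?usage: $0 --run HOSTNAME}"
fi
```

Scheduled from root's crontab or a systemd timer, this does nothing on most runs, so nginx is only stopped when a renewal is actually due.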

I’ll have to dig into how to automate this for the company later, but enough of that for now. Closing this note.