Sudo nano /etc/nginx/sites-available/default Make sure to update it in the path to your key files as well. Replace with your domain (it appears 4 times below). Create a new file with the following contents.Backup the default config file for reference:Ĭd /etc/nginx/sites-available sudo mv default default.reference.privkey.pem - certificate’s private key (This will be your certificate key file).Ĭonfirm by listing the following directoryĥ.fullchain.pem - both the above certs (This will be your certificate file).chain.pem - Let’s Encrypt chain certificate.The following files will be created in /etc/letsencrypt/archive with symbolic links placed in /etc/letsencrypt/live/ Make sure you allow TCP/22 from your current location for the SSH connection, as well as TCP/443 from the location you wish to use to access from. If you would like to restrict traffic to your instance on AWS, you may now restrict the security groups.Note: Second (or more) domain is optional. letsencrypt-auto certonly -standalone -email -d -d (This will open a web server listening on port 80 to validate the server). If any processes are returned, kill them.Ĭhange to Let’s Encrypt repository location Confirm no applications are listening to port 80:.This will copy the letsencypt repository to /opt/letsencrypt (If it is available via a package manager, you may use that). Clone the letsencrypt repository from github.Ssh -i You may replace with domain name if your DNS has resolved. Get an SSL certificate from Let’s Encrypt We will use letsencrypt to get a free & open-source SSL certificate Enter the subdomain (if desired), select Type CNAME, enter the Public DNS name from the above step to the value field and click CreateĤ.Select your new Hosted Zone and Create Record Set.Enter Domain Name and select Type: Public Hosted Zone, then Create.Configure DNS w/ AWS Route 53 In AWS Services, go to Route 53 In the details below, copy the Public DNS value.Search for your instance, and click Associate.Allocate an Elastic IP In AWS Services, go to EC2 and Elastic IPs Choose an existing key pair or create a new one and Launch InstanceĢ.After this, you may remove that security group and restrict access to a specific IP range. Note: If you will be using letsencrypt in Step 4 to get an SSL certificate, you will need to allow traffic to the server on port 80 until your certificate is created. Create a new Security group if you would like to restrict traffic to a certain IP address range.Add a Value to the Name Key and click Next.Adjust the size, or add a second encrypted volume if needed and click Next.Leave as defaults or change if needed and click Next.Launch an EC2 instance In AWS Services, go to EC2, Instances, and Launch Instance Get an SSL Certificate from Let’s Encryptġ.Securing your server with a free SSL certificate from Let’s Encrypt.Hosting a domain name with Amazon Route 53.Hosting rocket.chat on an Amazon EC2 instance.Deploying Rocket.Chat on Amazon Web Services
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |