Am Encrypted!

Let’s Encrypt is in public beta since last night.

And hence the lock icon in the location bar says

My Certificate

Although Let’s Encrypt guys are not shipping auto-install plugin for nginx in this beta, the whole process is smooth.

Here are the steps that I followed:

  • Get the certificates
./letsencrypt-auto certonly
  • Make sym links
sudo ln -s

sudo ln -s /etc/letsencrypt/live/ /etc/nginx/ssl/privkey.pem
  • Configure SSL in nginx site config
server {
    listen 443 ssl;
    add_header Strict-Transport-Security "max-age=31536000";
    ssl_certificate /etc/nginx/ssl/fullchain.pem;
    ssl_certificate_key /etc/nginx/ssl/privkey.pem;
  • Redirect all http to https
server {
       listen         80;
       return         301 https://$server_name$request_uri;
  • Reload nginx
sudo service nginx reload