Using certbot apply let's encrypt certificate
In order to use NGINX module, certbot
needs to use it's own NGINX server or it needs to modify the NGINX configuration.
Steps
Preparation
- Shutdown application which listening on port 80 and port 443
docker stop nginx
- Install software if haven't installed
Note: skip this step if packages installed
apt install certbot
apt install python3-certbot-nginx
- Request certificate
Note: do not need to start nginx service, certbot will start it automatically
certbot certonly --nginx -d <domain1> -d <domain2>
- certificate location
Certificate can be found in following directory
ls /etc/letsencrypt/live/domain1/
- stop nginx created by certbot
systemctl stop nginx
systemctl disable nginx
- setup docker certificates
Copy privkey.pem and fullchain.pem into docker configuation directory.
Another way
Run certbot docker choud be better as no additional package install, and the certbot service can be stopped using docker command