Installation and use of SSL certificates (LetsEncrypt) to protect websites running on CREODIAS instances in Linux.
This article shows how to Install Let’s Encrypt SSL on Ubuntu 18.04 with Nginx
1. Login to OpenStack dashboard, choose the right project if different than default, go to Project → DNS → Zones, click Create Zone and fill the required fields (DNS as a Service - user documentation).
In the example below the domain is "akdomain.pl".
To add a new record to domain, click Create Record Set next to domain name and fill the required fields. For example, to configure an address of web server in akdomain.pl , so that www.akdomain.pl is resolved to 184.108.40.206 which is a Floating IP address of your server, you should fill the form as follows:
2. Add Security Group
Then select Project → Network → Security Groups, click Create Security Group and fill the required fields. (See: How to use security groups in Horizon?)
Next click Manage Rules → Add Rule, add port 80, 8080, 443
Then add Security Group to the Instance.
Project → Instances, select the menu on the right of your instance and click Edit Security Groups
Add DNSy group to Instance Security Groups
3. Configure NS records for your domain to the following CloudFerro name servers:
|primary name server||cf2-ns1.cloudferro.net||220.127.116.11|
|secondary name server||cf2-ns2.cloudferro.net||18.104.22.168|
|secondary name server||cf2-ns3.cloudferro.net||22.214.171.124|
4. Connect to your server with SSH (How to connect to your virtual machine via SSH in Linux?) and login as root.
Once you are logged in, run the following commands to make sure that all installed packages on your server are updated to the latest available version
5. Install the Nginx Web Server
Once the Nginx web server is installed, it should be automatically started. You can check its status with the following command:
6. Install Certbot
During the process of adding the repository you will be prompted to hit the Enter button to accept it. After that update the repositories list
Once the repository is added and the repositories list updated, go ahead and install the Certbot Nginx package
7. Install a Let's Encrypt SSL certificate
You can use Cerbot to verify the certificate and check the certificate expire date