TAGS

There are no tags associated with this article.

Installation and use of SSL certificates (LetsEncrypt) to protect websites running on CREODIAS instances in Linux.

This article shows how to Install Let’s Encrypt SSL on Ubuntu 18.04 with Nginx

1. Login to OpenStack dashboard, choose the right project if different than default, go to Project → DNS → Zones, click Create Zone and fill the required fields (DNS as a Service - user documentation).

In the example below the domain is "akdomain.pl".

To add a new record to domain, click Create Record Set next to domain name and fill the required fields. For example, to configure an address of web server in akdomain.pl , so that www.akdomain.pl is resolved to 185.52.195.61 which is a Floating IP address of your server, you should fill the form as follows:

 

 

2. Add Security Group

Then select Project → Network → Security Groups, click Create Security Group and fill the required fields. (See: How to use security groups in Horizon?)

 

Next click Manage Rules → Add Rule, add port 80, 8080, 443

Then add Security Group to the Instance.

Project → Instances, select the menu on the right of your instance and click Edit Security Groups

Add DNSy group to Instance Security Groups

3. Configure NS records for your domain to the following CloudFerro name servers:

Purpose
Name Server
IP
primary name server cf2-ns1.cloudferro.net 185.48.233.242
secondary name server cf2-ns2.cloudferro.net 185.48.233.243
secondary name server cf2-ns3.cloudferro.net 185.48.233.244

 

4. Connect to your server with SSH (How to connect to your virtual machine via SSH in Linux?) and login as root.

Once you are logged in, run the following commands to make sure that all installed packages on your server are updated to the latest available version

apt update && apt upgrade

 

5. Install the Nginx Web Server

Install nginx
apt -y install nginx

 

Once the Nginx web server is installed, it should be automatically started. You can check its status with the following command:

systemctl status nginx

6. Install Certbot

apt install software-properties-common
add-apt-repository universe
add-apt-repository ppa:certbot/certbot

 

During the process of adding the repository you will be prompted to hit the Enter button to accept it. After that update the repositories list

apt update

Once the repository is added and the repositories list updated, go ahead and install the Certbot Nginx package

Install Certbot Nginx
apt -y install python-certbot-nginx

 

7. Install a Let's Encrypt SSL certificate

Nginx configuration
certbot --nginx -d www.akdomain.pl

 

You can use Cerbot to verify the certificate and check the certificate expire date

certbot certificates

Result: