If you have web server on which there is a lot of virtual hosts, you may want to have one webroot directory for Letsencrypt SSL certificates only. So when Letsencrypt will make the requests for SSL registration or renewal, it will look in this directory. In this case I did this on CentOS 7 with NGINX web server.
First, let’s create directory what will be used for letsencrypt purposes. It must be writable by your web server user. You can define different path.
[root@machine ~]# mkdir -p /var/www/le-certs
[root@machine ~]# chown -R wwwuser:wwwgroup /var/www/le-certs
Letsencrypt will need access in “.well-known/acme-challenge”. For NGINX add something like this in your server block for desired virtual host.
location ~ /.well-known/acme-challenge/ {
root /var/www/le-certs/;
break;
}
You can also create new file named, for example le-config.conf and add block above in to it. Then you can simply include this line in your virtual hosts.
server {
listen :443 ssl http2;
server_name mywebsite.com www.mywebsite.com;
root /var/www/mywebsite/;
include le-config.conf;
...
}
Recent Comments