GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → eustasy → Bubbly

eustasy / Bubbly

Licence: MIT license
Better SSL in Nginx in 10 minutes. Configuration files and setup scripts for Certbot.

Programming Languages

shell
77523 projects
ruby
36898 projects - #4 most used programming language

Labels

nginxsslcertificatecertbot

Projects that are alternatives of or similar to Bubbly

Bubbly
Better SSL in Nginx in 10 minutes. Configuration files and setup scripts for Certbot.
Stars: ✭ 213 (-1.84%)
Mutual labels:  ssl, certificate, certbot
Ansible Role Certbot
Ansible Role - Certbot (for Let's Encrypt)
Stars: ✭ 477 (+119.82%)
Mutual labels:  ssl, certificate, certbot
Cert
Cert is the Go tool to get TLS certificate information.
Stars: ✭ 166 (-23.5%)
Mutual labels:  ssl, certificate
Sslfie
Generate self-signed x.509 certificates for use with SSL/TLS
Stars: ✭ 169 (-22.12%)
Mutual labels:  ssl, certificate
Ssl exporter
Exports Prometheus metrics for SSL certificates
Stars: ✭ 211 (-2.76%)
Mutual labels:  ssl, certificate
sslcontext-kickstart
🔐 A lightweight high level library for configuring a http client or server based on SSLContext or other properties such as TrustManager, KeyManager or Trusted Certificates to communicate over SSL TLS for one way authentication or two way authentication provided by the SSLFactory. Support for Java, Scala and Kotlin based clients with examples. Av…
Stars: ✭ 295 (+35.94%)
Mutual labels:  ssl, certificate
Acmetool
🔒 acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)
Stars: ✭ 1,882 (+767.28%)
Mutual labels:  ssl, certificate
Mutual Tls Ssl
🔐 Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual mutual authentication for a java based web server and a client with both Spring Boot. Different clients are provided such as Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k, Kohttp and ktor. Also other server examples are available such as jersey with grizzly. Also gRPC examples are included
Stars: ✭ 163 (-24.88%)
Mutual labels:  ssl, certificate
Websockify
Websockify is a WebSocket to TCP proxy/bridge. This allows a browser to connect to any application/server/service.
Stars: ✭ 2,942 (+1255.76%)
Mutual labels:  ssl, certificate
qiniu-auto-cert
七牛 CDN 证书自动化工具
Stars: ✭ 20 (-90.78%)
Mutual labels:  ssl, certificate
ssl-date-checker
Nodejs Library to check and report on the start and expiration date of a given SSL certificate for a given domain.
Stars: ✭ 21 (-90.32%)
Mutual labels:  ssl, certificate
Aspnetcorecertificates
Certificate Manager in .NET Core for creating and using X509 certificates
Stars: ✭ 135 (-37.79%)
Mutual labels:  ssl, certificate
Serverpilot Letsencrypt
Automate the installation of Let's Encrypt SSL on the free plan of ServerPilot
Stars: ✭ 129 (-40.55%)
Mutual labels:  ssl, certbot
Certbot Route53
Helping create Let's Encrypt certificates for AWS Route53
Stars: ✭ 159 (-26.73%)
Mutual labels:  ssl, certbot
Certstrap
Tools to bootstrap CAs, certificate requests, and signed certificates.
Stars: ✭ 1,689 (+678.34%)
Mutual labels:  ssl, certificate
Pem
Easy PEM file parsing in Python.
Stars: ✭ 122 (-43.78%)
Mutual labels:  ssl, certificate
wile
Stripped down letsencrypt (ACME) client
Stars: ✭ 15 (-93.09%)
Mutual labels:  ssl, certificate
Pki
The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management.
Stars: ✭ 97 (-55.3%)
Mutual labels:  ssl, certificate
Https Localhost
HTTPS server running on localhost
Stars: ✭ 122 (-43.78%)
Mutual labels:  ssl, certificate
Acme Nginx
python acme client for nginx
Stars: ✭ 248 (+14.29%)
Mutual labels:  ssl, certificate
View All Similar Projects ➔

Bubbly

For configuring Certbot with Nginx

Build Status Codacy Badge Maintainability

If you want an instant A+ score on Qualys SSL Labs and A score on SecurityHeaders.io, then this is what you'll need to do. You won't need any familiarity with Certbot, Let's Encrypt, the ACME spec, or SSL in general, just basic Nginx configuration.

1. Install Certbot and Clone Bubbly

We'll start off by cloning the project into the home folder with git.

cd &&
sudo apt install git certbot &&
git clone https://github.com/eustasy/bubbly

2. Generate Statics

Generate the static keys once per server.

~/bubbly/bubbly_generate-statics.sh

As it will warn, this will take a while.

Have a seat.

3. Copy config blocks

When you've gone and made something in the 15 minutes that could well take, or you've just set up a new SSH session, copy the Nginx configuration over to the Nginx area.

~/bubbly/bubbly_copy-configs.sh

4. Configure & Enable Verification

Copy the verification site template and replace the instances of example.com in the file with your actual domain name.

sudo cp /etc/nginx/sites-available/bubbly_verify.conf /etc/nginx/sites-available/example.com.conf
sudo nano /etc/nginx/sites-available/example.com.conf

Use Ctrl and \ to initiate a search and replace for example.com with your domain.

sudo ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-enabled/example.com.conf
sudo nginx -t && sudo service nginx reload

Alternatively, you can simply add include location/bubbly_well-known-passthrough.conf; to an existing site you want to continue working while we upgrade.

5. Fetch Certificates

Fetch your certificates like this:

~/bubbly/bubbly_renew-ssl.sh -d example.com -d www.example.com

It will ask for the root password, and an email address, so hang around, it shouldn't take more than a few seconds.

6. Start using the Certificates

Remove the verification config you just made, and replace it with a live version of the site. You'll need to more carefully review the [OPTION]s in this file, as you'll also need to change the certificate location to match the domain name you requested. Consider taking a look at the [OPTION]s and [WARNING]s in other linked config files.

sudo rm /etc/nginx/sites-available/example.com.conf
sudo cp /etc/nginx/sites-available/bubbly_live.conf /etc/nginx/sites-available/example.com.conf
sudo nano /etc/nginx/sites-available/example.com.conf

Use Ctrl and \ to initiate a search and replace for example.com with your domain.

sudo nginx -t && sudo service nginx reload

7. Automate Renewal

Edit crontab.conf and append it to your existing cron jobs for automatic renewal. This is important, since Let's Encrypt certificates expire in three months.

nano ~/bubbly/crontab.conf
cat ~/bubbly/crontab.conf > /tmp/bubbly-crontab
crontab -l >> /tmp/bubbly-crontab
crontab /tmp/bubbly-crontab

Screenshot of SSLLabs.com

Screenshot of SecurityHeaders.io

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].