LetsEncrypt HTTPS w/ NodeBB Forum
-
I would recommend https://www.sslforfree.com which is LetsEncrypt based and offers DNS verification, then follow standard nginx ssl guidelines to install the certificates.
Once done check your site here:
https://www.ssllabs.com/ssltest/index.htmlMy score is 100% after some tuning of nginx
-
Here's a tutorial for a wildcard cert:
https://blog.nodebb.org/generating-your-first-wildcard-ssl-certificate-via-lets-encrypt/
Here's one for a single thing:
https://community.nodebb.org/topic/8375/how-to-let-s-encrypt-and-nodebb
-
Thanks a bunch for the help! I got it working nice.
The only thing is I am not encrypting any WWW. domain and LetsEncrypt seems to automatically redirect regular traffic to https:// for me. Although if you tried to visit the domain by typing in WWW.domain.com in the address bar it would break.
I followed a guide for fixing the redirect and it seems to work fine, although I'm not sure if I'm using too many server blocks in my file? I tried a few different methods listed on the forums but they did not work "showing too many 301 redirects" - the only way to do it was create a 3rd server block and change port 80 to 443:
# linked file server { server_name altariderhq.com; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; proxy_pass http://127.0.0.1:4567; proxy_redirect off; # Socket.IO Support proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/altariderhq.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/altariderhq.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = altariderhq.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name altariderhq.com; return 404; # managed by Certbot } server { server_name www.altariderhq.com; return 301 $scheme://altariderhq.com$request_uri; }
-
It's common to have many server blocks. I have a ridiculous amount in mine.