Automate your ssl certificate renewal: renew_cert.sh
Let’s Encrypt offers free SSL certificates, so there’s no reason
to not support https on your site. Getting set up is easy (I used
this guide), but you still have to renew your certificate every 90
days.
I pulled this script together from the acme-tiny instructions:
#!/bin/bash
set -eufx -o pipefail
echo "Last refreshed: " \
$(cat ~/.certrefresh 2> /dev/null || echo "never")
cd certinfo/
python acme_tiny.py \
--account-key ./account.key \
--csr ./domain_and_subdomain.csr \
--acme-dir /www/acmecert/YOUR_DOMAIN/challenges/ \
> ./signed.crt
wget -O - https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem \
> intermediate.pem
cat signed.crt intermediate.pem > chained.pem
sudo cp chained.pem /etc/ssl/YOUR_DOMAIN/
sudo /etc/init.d/nginx reload
date > ~/.certrefresh