Nginx:

sudo yum install nginx

#edit config
sudo mcedit /etc/nginx/nginx.conf

#error log
tail -100 /var/log/nginx/error.log

Disable SELinux (Security Enhanced Linux) due to some error related to Nginx error: “Permission denied when connecting to upstream“:

sudo mcedit /etc/selinux/config

#go to line 'SELINUX=enforcing'
#and replace it to: SELINUX=disabled

Let’s Encrypt: Free SSL certificate (3-month renewal period)

https://letsencrypt.org/getting-started/

Certbot: Easy SSL certificate installation for CentOS:

https://certbot.eff.org/#centosrhel7-nginx

Revoke a cert in order to create cert for the same domain on new server:

#ssh to old server to revoke
sudo certbot revoke \
--cert-path /etc/letsencrypt/live/DOMAIN-HERE/cert.pem

#ssh to new server to create
#remember to update nginx configuration file to 
#contain the same domain for some server_name
sudo certbot --nginx

#test new cert
sudo certbot renew --dry-run

References:

Advertisements