V3 Generate SSL certificate with Let's Encrypt

The goal of this article is to provide you the steps needed to generate a trusted SSL certificate using Let's Encrypt with Debian.

Backup private key and certificate

Before running the SSL certificate generation, backup the existing private key and the certificate:

mv /etc/ssl/private/motion.key /etc/ssl/private/motion.key.bak mv /etc/ssl/certs/motion.crt /etc/ssl/certs/motion.crt.bak


Install package dependencies

Connect to your server through SSH console and install the following packages:

apt -y install certbot

Obtaining a Certificate

TCP port 80 must be open to your server in order to obtain the certificate

 

Before obtaining the certificate, stop nginx service and be sure that no service is running on TCP port 443:

systemctl stop nginx

 

Once you installed the certbot package, you can run the command in SSH console and follow the instructions:

 

At the end of the process, your certificate, private key, and LE chain will be installed to /etc/letsencrypt/live/<YOUR_DOMAIN> directory.

Install the certificate

Copy the generated private key and certificate to the default directory (used by Asterisk and Nginx):

Restart services

Restart Asterisk and Nginx services in order to apply changes:

 

Related contents