Easily use Let's Encrypt to HTTPS-protect your own server, for free
The search engines and browser makers are telling us to encrypt all websites. A driving factor is to protect everyone from not only miscreants wanting to hijack the web for nefarious goals, but the government security agencies who are snooping into everything. If everything on the Web is encrypted, then we'll all be better off. Until Let's Encrypt came along, the requirement to encrypt carried with it a high cost of paying for SSL certificates, and therefore many website owners would be unable to keep going. The free Lets Encrypt service opens HTTPS up to regular folk, allowing all website owners to encrypt their web traffic irregardless of how deep their pockets are. With that in mind, let's look into what it takes to set up HTTPS using Let's Encrypt.
Manage Letsenrypt HTTPS/SSL certificates with a Docker container using Cron, Nginx, and Certbot
Modern websites must have HTTPS support for security reasons. As a result web browsers and search engines have begun downgrading sites that do not support HTTPS. That means we all must have a simple, low cost, way to set up HTTPS support on our websites. The Letsencrypt project offers free SSL certificates for HTTPS. In this project we will create a Docker container for handling HTTPS via Nginx, and automated SSL certificate renewal using the Letsencrypt command-line tools (Certbot).
Using NGINX, Lets Encrypt and Cron in Docker to manage HTTPS/SSL certificates for multiple domains
NGINX is a hugely flexible webserver with which it's very easy to manage HTTPS with Lets Encrypt. With a simple configuration file it is easy to add HTTPS support to a back-end service, using NGINX's reverse proxy. It's possible to use this for deployments both small and large. As with any website Internet-visible nowadays, it is necessary to use HTTPS. Which leads to the task of using Lets Encrypt to provision SSL certificates for several domains, using NGINX to terminate the HTTPS connections, while proxying from NGINX to the actual services. This blog post discusses a Docker container designed explicitly for that purpose.