July 17, 2019

Let's Encrypt a Raspberry Pi

How to setup Let's Encrypt to secure your blog running on your Raspberry Pi

Let's Encrypt a Raspberry Pi

This is a guide to run Let's Encrypt. This how to is part of a series designed to help people setup a Raspberry Pi as a Blog. Read more here: Hello World

In the future I will update this with a better way. We're going to install a program called certbot which has a nice auto-renew feature which automatically installs cronjobs for you - so basically you can on-and-done this. However, because after I'm done setting up let's encrypt I usually also setup nginx running in a docker container - make sure you go read my follow up post to this one so that you can get the auto renewal working right.

Either way, I always start my certificates the same way, and then reconfigure them later.

Let's Encrypt

Prerequisite

You need to first setup port forwarding and DNS so that your Raspberry Pi is accessable from the internet before you can do this step. Feel free to read in my other posts how to do that.

Install

sudo apt install certbot

Run certbot

sudo certbot certonly --standalone -d example.com -d www.example.com

Follow the prompts - it's pretty self explanitory. Replace example.com with your domain name.

I will setup another blog with a different domain name some time later and update this post with more details about how it was for me to register complete with console output logs, etc. I can say this - it's VERY simple. If you ever get lost - certbot has excellent documentation. You basically create an account and register your email and it will start up a web server for you on port 80 and verify and setup your certificates for you.

Now you're ready to use those certs. If you're following the Hello World tutorial, go on to the next section and setup your Ghost and NGINX now.

Happy hacking.