Setup SSL certificate with Let’s Encrypt and EnterMediaDb

To use a Let’s encrypt 6 month free SSL certificate within your EnterMedia instance we recommend you to install the Certbot tool for Nginx.

Certbot should include all required  configuration in your NGINX conf file, should look something like this:

#Listen 443 port
server {
  listen 443 ssl;
  server_name client.entermediadb.net;  
  ssl_certificate /etc/letsencrypt/live/client.entermediadb.net/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/client.entermediadb.net/privkey.pem;

  location / {
    proxy_max_temp_file_size 2048m;
    proxy_read_timeout 1200s;
    proxy_send_timeout 1200s;
    proxy_connect_timeout 1200s;
    client_max_body_size 100G;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_pass http://server_location;
  }
}

#Redirects 80 Port to 443
server {
  listen 80;
  server_name uncg.learningmediadb.com;
  return 301 https://$host$request_uri;
}

upstream server_location {
  least_conn;
  server localhost:8080;
  #or use Docker Local IP
  #server 172.18.0.10:8080;
}

Restart NGINX service in order to take new configuration:

sudo service nginx restart

Additionally you can setup a cron job to renew certificate. We recommend to run the renew script every month, setup a cron job for root user like this:

30 2 * * 1 certbot renew >> /var/log/le-renew.log