Let's Encrypt

Examples of getting certificates from Let's Encrypt for NGINX and Node.js servers.

Obtain certificates

I am using the manual method. You have to make a file available through express to pass let's encrypt acme-challenge.

express server for acme challenge

var express = require("express");
var app = express();
var path = require("path");
var fs  =  require("fs");
var server = require('http').createServer(options,app)

app.get('/.well-known/acme-challenge/:path_key'
, function(req, res) {
    res.sendFile(path.join(__dirname + '/path_to_key_file'));
});
server.listen(3000,function(err){
 if(!err) {
 	console.log("server listening oat port 3000");
 }
 else {
 	console.log("something went wrong",err);
 }
});

Running Let's encrypt script

git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto certonly --manual --email admin@example.com -d example.com

Before pressing key to continue, replace actual file with challenge key in express server. Make sure your express server is accessible from the domain for which you want to optain the certificate.

This creates a directory: /etc/letsencrypt/live/example.com/ containing below certificate files:

cert.pem
chain.pem
fullchain.pem
privkey.pem

express js (https server)

var express = require('express');
var app = express();
var path = require("path");
var fs  =  require("fs");

var options = {
  key: fs.readFileSync('/etc/letsencrypt/live/example.com/privkey.pem'),
  cert: fs.readFileSync('/etc/letsencrypt/live/example.com/cert.pem'),
  ca: fs.readFileSync('/etc/letsencrypt/live/example.com/chain.pem')
};

var server = require('https').createServer(options,app);
//app.use(express.static(path.join(__dirname, 'public')));
server.listen(3000,function(err){
 if(!err) {
 	console.log("server listening oat port 3000");
 }
 else {
 	console.log("something went wrong",err);
 }
});

NGINX