Get trusted SSL certificate (https) for free with Let's Encrypt and Certbot

Описание

In this tutorial I explain how to get trusted #SSL certificate for free using #LetsEncrypt (and tool #Certbot). Also I've added useful configuration for Nginx what improves security level.
I also explain how to setup firewall on your Unix server. In this video I use Ubuntu 16, but it is relevant also for older versions of Ubuntu.

⭐️ Final config ⭐️
? https://github.com/Cap-Coding/letsencrypt/blob/master/default.conf

⭐️ Support channel on Patreon ⭐️
? https://www.patreon.com/capcoding

⭐️ Resources ⭐️
? Let's Encrypt: https://letsencrypt.org/
? Certbot: https://certbot.eff.org/

? Copy this code into your Nginx config:

ssl_session_cache shared:le_nginx_SSL:1m;
ssl_session_timeout 1d;
ssl_session_tickets off;
ssl_protocols TLSv1.2;
ssl_stapling on;
ssl_stapling_verify on;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_ecdh_curve secp384r1;
add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload;";
add_header Content-Security-Policy "default-src 'none'; frame-ancestors 'none'; script-src 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; form-action 'self';";
add_header Referrer-Policy "no-referrer, strict-origin-when-cross-origin";
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";

ssl_trusted_certificate /etc/letsencrypt/live/your-domain/chain.pem;

Get € 20 on Hetzner Cloud hosting:
? https://hetzner.cloud/?ref=GyXEuMSuxUBq

Register domain without hassle on GoDaddy
?https://letyshops.com/r/godaddy-87becf0c4e38

⭐️ TABLE OF CONTENT ⭐️

00:00:00 Introduction
00:00:44 Install dependencies
00:01:40 Configure certbot
00:02:33 Test certificate
00:03:41 Automatic renewal
00:04:12 Improve security
00:05:50 Configure firewall