Client Area

 Client Area

Install your Let’s Encrypt SSL certificate with


    wget -O - | sh
    source ~/.bashrc 

    Issue a certificate

    Method 1 : use the same folder to validate all acme challenges

    At first create a new file acme.conf in the folder /etc/nginx/common/ with the following content :

    location /.well-known/acme-challenge/ {
        alias /var/www/html/.well-known/acme-challenge/;

    Then set www-data as owner of the folder /var/www/html :

    chown -R www-data:www-data /var/www/html

    The last step is to include acme.conf in your nginx vhost, by adding the following line :

    include common/acme.conf;

    Reload nginx with the command service nginx reload and you can now issue your first cert with :

    # domain  --issue  -d  -w /var/www/html 
    # domain + www  --issue  -d  -d -w /var/www/html 
    # SAN mode  --issue  -d  -d -d -w /var/www/html 
    # ECDSA Certificates (384 Bits) --issue -d yourdomain.tld -d www.yourdomain.tld -d blog.yourdomain.tld --keylength ec-384 -w /var/www/html

    Method 2 : use Cloudflare DNS API

    configure your api keys

    export CF_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
    export CF_Email=""
    # domain  --issue  -d  --dns dns_cf 
    # domain + www  --issue  -d  --dns dns_cf  -d 
    # SAN mode  --issue  -d  --dns dns_cf  -d -d 
    # ECDSA Certificates (384 Bits) --issue -d yourdomain.tld -d www.yourdomain.tld -d blog.yourdomain.tld --keylength ec-384 --dns  dns_cf

    Install your SSL certificate in Nginx

    DO NOT use the certs files in ~/ folder, they are for internal use only, the folder structure may change in the future
    Create a folder to store your certs in production

    mkdir -p /etc/nginx/

    Then use the command –install-cert to copy your certs with :

    # for RSA certs --install-cert -d yourdomain.tld \
    --cert-file /etc/nginx/ \
    --key-file /etc/nginx/ \
    --fullchain-file /etc/nginx/ \
    --reloadcmd "systemctl reload nginx.service"
    # for ECDSA certs --install-cert -d yourdomain.tld --ecc \
    --cert-file /etc/nginx/ \
    --key-file /etc/nginx/ \
    --fullchain-file /etc/nginx/ \
    --reloadcmd "systemctl reload nginx.service"

    Then you just have to add the certificates in your nginx configuration.
    Create two files, the first one to add your SSL certificate with the following content :

    # /var/www/yourdomain.tld/conf/nginx/ssl.conf
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        ssl on;
        ssl_certificate /etc/nginx/;
        ssl_certificate_key     /etc/nginx/;
        ssl_trusted_certificate /etc/nginx/;

    And the another one for the redirection from http to https :

    # /etc/nginx/conf.d/forcessl-yourdomain-tld.conf
    server {
            listen 80;
            listen [::]:80;
            server_name www.yourdomain.tld yourdomain.tld;
            return 301 https://yourdomain.tld$request_uri;

    Certificates Renewal

    All the certs will be renewed automatically every 60 days. But you can also force renewal using the following commands :

    # RSA certs --renew -d --force
    # ECDSA certs --renew -d --force --ecc

    in EasyEngine