Setup Web SSL
Currently your website should be running on http://YOUR_DOMAIN which is not secure.
In this section we will enable HTTPS on the web with help of LetsEncrypt so you can access your site like https://YOUR_DOMAIN.
-
If you are using CloudFlare as your DNS Provider. You can use it's free SSL feature by enabling it from their dashboard and ignore this section. Read more about it here.
-
If you are using MineTrax with Docker, Don't follow this section.
Certbot Installation & Issue Certificate
Follow the install and certificate issue process for your webserver either Apache2 or Nginx.
- Apache2
- Nginx
Install Certbot and it's Apache2 plugin with apt.
sudo apt install -y certbot python3-certbot-apache
Find what domain you have setup in your apache2 config file for minetrax minetrax.conf. In our case it was your_domain.com and www.your_domain.com.
Run the certbot to issue certificates for these domains. Make sure to replace your_domain.com with your own domain.
sudo certbot --apache -d your_domain.com -d www.your_domain.com
Finally incase it ask you if you want to Redirect all your traffic to https. Select the option to redirect (option 2 in most cases).
Install Certbot and it's Nginx plugin with apt.
sudo apt install -y certbot python3-certbot-nginx
Find what domain you have setup in your nginx config file for minetrax minetrax.conf. In our case it was your_domain.com and www.your_domain.com.
Run the certbot to issue certificates for these domains. Make sure to replace your_domain.com with your own domain.
sudo certbot --nginx -d your_domain.com -d www.your_domain.com
Finally incase it ask you if you want to Redirect all your traffic to https. Select the option to redirect (option 2 in most cases).
Now you should be able to access your website with https://YOUR_DOMAIN.
Update .env to use HTTPS
Now that we have HTTPS enabled on the website. We need to update our .env file to use HTTPS instead of HTTP.
Open the .env file in your favorite editor and update the APP_URL from http://YOUR_DOMAIN to https://YOUR_DOMAIN.
cd /var/www/minetrax
nano .env
APP_URL=https://YOUR_DOMAIN
Save the file and that's it.
Verify Certbot Auto-Renewal
LetsEncrypt certificates are valid only for 3 months. The certbot package we installed takes care of this for us by adding a systemd timer that will run twice a day and automatically renew any certificate that's within thirty days of expiration.
Check the status of the timer.
sudo systemctl status certbot.timer
To check if auto renew will succeed.
sudo certbot renew --dry-run
If you see no errors, you're all set.