# Certificates
Let's Encrypt certificates are generated via the Acme.sh tool.
# Creating Certificates
- Export AWS ENV vars with
solarix-certbotaccess keys.
export AWS_ACCESS_KEY_ID=XXXXXXXXXX
export AWS_SECRET_ACCESS_KEY=XXXXXXXXXXXXXXX
- Issue DNS-based certificate generation command for domain(s):
$ acme.sh --issue --force --dns dns_aws -d solarix.dev -d *.solarix.dev -d solarix.host -d *.solarix.host -d solarix.site -d *.solarix.site -d solarix.tools -d *.solarix.tools -d *.client.solarix.dev -d *.project.client.solarix.dev
...
[Sun Apr 12 00:05:10 UTC 2020] Your cert is in /home/ubuntu/.acme.sh/solarix.dev/solarix.dev.cer
[Sun Apr 12 00:05:10 UTC 2020] Your cert key is in /home/ubuntu/.acme.sh/solarix.dev/solarix.dev.key
[Sun Apr 12 00:05:10 UTC 2020] The intermediate CA cert is in /home/ubuntu/.acme.sh/solarix.dev/ca.cer
[Sun Apr 12 00:05:10 UTC 2020] And the full chain certs is there: /home/ubuntu/.acme.sh/solarix.dev/fullchain.cer
For more information see the official documentation.
# Add Certs to Server
# NGINX
ssl_certificate /home/ubuntu/.acme.sh/solarix.dev/solarix.dev.cer;
ssl_certificate_key /home/ubuntu/.acme.sh/solarix.dev/solarix.dev.key;