Closed rachejazz closed 1 year ago
Good idea. I agree that we should use Let's Encrypt for this, and we'll configure it so it uses something like certbot to renew the certificate regularly, but we'll definitely want a validity check to make sure this doesn't break. This can either be done with our current monitoring server or, as you say, in our cicd build system (though that has a chance of missing things if we don't have commits for a while :smile: )
Ah you're right, then maybe setting up a monthly cron will be better :D
Followed snap-based instructions at https://certbot.eff.org/instructions?ws=apache&os=ubuntufocal for a free Let's Encrypt certificate on our Ubuntu 20.04 server, and cron is set up to automatically renew.
It's been few months we're running on http. We need to use ssl cert for our server to make it more secure. I am thinking of using let's encrypt certs and deploy using certbot. Will be easy and just another automation check on our cicd to check for expiration