Setting Up HTTPS with Let’s Encrypt SSL Certificate For Nginx on RHEL/CentOS 7/6

Best Affordable Linux and WordPress Services For Your Business
Outsource Your Linux and WordPress Project and Get it Promptly Completed Remotely and Delivered Online.

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.45/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Matei Cezar

I'am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

16 Responses

  1. Jeff says:

    Hi, I’m still getting a B rating. Was the addition of : ssl_protocols TLSv1 and ssl cipher are needed? Currently I’m only having the 2 ssl perm key written in the nginc.

    As how do you manager to created the cipher number : ssl_ciphers ‘EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH’ Or it’s just generic and i add it directly to nginx file ?

    thanks in advance

    • Ravi Saive says:

      @Jeff,

      Please add the following SSL configuration to your nginx.conf to get A rating.

      listen 443 ssl default_server;
      ssl_certificate /etc/letsencrypt/live/your_domain.tld/fullchain.pem;
      ssl_certificate_key /etc/letsencrypt/live/your_domain.tld/privkey.pem;
      ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
      ssl_prefer_server_ciphers on;
      ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
      

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.