general meeting
Let’s Encrypt on an nginx reverse proxy
Description: Let’s Encrypt is a way for anyone to enable TLS (as in, HTTPS) support to a webserver at no cost. However, there are many security considerations involved with everything from certificate renewal to safe handling of the various files involved. In this talk and live demo I’ll cover how to create a reverse proxy using the nginx webserver that simultaneously allows multiple webservers to exist at one IP address and show how isolating Let’s Encrypt to a different system increases security. The talk will also cover more secure (and less risky) methods of automatic key renewal than the official, somewhat invasive renewal tool.