Topic: Let's Encrypt on an nginx reverse proxy
When: Tuesday April 11th, 7:30 PM to 9:00 PM
Speaker: Allan Cecil
Location: O'Reilly Media, Sebastopol CA in the Tarsier conference room
past the metal statue and to the right (
http://nblug.org/locations )
Description: Let's Encrypt is a way for anyone to enable TLS (as in, HTTPS) support to
a webserver at no cost. However, there are many security considerations involved with
everything from certificate renewal to safe handling of the various files involved. In
this talk and live demo I'll cover how to create a reverse proxy using the nginx
webserver that simultaneously allows multiple webservers to exist at one IP address and
show how isolating Let's Encrypt to a different system increases security. The talk
will also cover more secure (and less risky) methods of automatic key renewal than the
official, somewhat invasive renewal tool.