"multi-domain" or "SAN" (Subject Alternative Names) SSL certificate

[Pralish]

trafficstars

We might need to point multiple domains to a single ip. In such cases we can obtain a single multi-domain SSL certificate for all the domains with let's encrypt. That way we can have a consistent nginx config.

sudo certbot certonly --manual --preferred-challenges=dns --email [email protected] --server https://acme-v02.api.letsencrypt.org/directory --agree-tos --manual-public-ip-logging-ok -d "*.everyoneisdoingdrugs.com" -d "everyoneisdoingdrugs.com" -d "*.everybodyisdoingdrugs.com" -d "everybodyisdoingdrugs.com"

Nginx Config:

server {
    listen      80;

    #Rewrite all nonssl requests to ssl.
    return 301 https://$host$request_uri;
}



server {
    location / {
        proxy_pass http://localhost:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
    client_max_body_size 4G;

    listen 443 ssl;
    ssl_certificate <PATH TO fullchain.pem >;
    ssl_certificate_key <PATH TO privkey.pem >;
}

[donrestarone]

this solves: https://github.com/restarone/violet_rails/issues/1534