I created a let's encrypt certificate for my domain and install my SSL certificate in the nginx reverse proxy. Now, I want to secure the communication between the proxy and the backend server using also let's encrypt and I have the same domain name for both the proxy and the server. I don't want to use self-signed certificate in the backend server. So, how can I use let's encrypt for both the server and the proxy?
Asked
Active
Viewed 488 times
2 Answers
0
Assuming your backend has a valid DNS name in a zone that you own, then yes you can generate a cert for it. Since it is the backend, you will probably need to use the DNS-01 challenge instead of the HTTP-based challenge. This probably means you need be using a DNS provider that supports some form of dynamic update.
Zoredache
- 133,737
-1
If I understand the response in this link Which ssl certificates go where on an reverse proxy? - nginx. I found that the Let's encrypt certificate can generate internal certificate to the backend server but I don't know how this process is performed?
rita
- 1