= getssl =
Obtain SSL certificates from the letsencrypt.org ACME server.

 * https://github.com/srvrco/getssl

{{{#!highlight sh
curl --silent https://raw.githubusercontent.com/srvrco/getssl/latest/getssl > getssl
chmod 700 getssl
./getssl -h
# create configuration files and folder for www.example.org 
./getssl -c www.example.org
nano ~/.getssl/www.example.org/getssl.cfg
}}}

{{{#!highlight sh
# specify correct ACL option
CA="https://acme-v02.api.letsencrypt.org"
ACL=('/var/www/www.example.org/.well-known/acme-challenge')
}}}

{{{#!highlight sh
./getssl www.example.org
}}}

=== /etc/nginx/sites-enabled/www.example.org ===
{{{#!highlight sh
server {
  #listen 443;
  listen 80;
  server_name www.example.org;
  root /var/www/html;
  location / {
    # proxy_pass http://localhost:8181/;
  }

  ssl_certificate /etc/ssl/certs/www_certificate_bundle.crt;
  ssl_certificate_key /etc/ssl/private/www_private.key;
}
}}}

{{{#!highlight sh
~/.getssl/www.example.org/
cp fullchain.crt /etc/ssl/certs/www_certificate_bundle.crt
cp www.example.org.key /etc/ssl/private/www_private.key
nginx -t
service nginx restart
curl https://www.example.org/ -vvv 2>&1 | grep -e "expire date" -e Host
}}}