• 아마존 리눅스에 nginx 설치
sudo amazon-linux-extras install nginx1
sudo systemctl start nginx
sudo systemctl enable nginx
sudo systemctl status nginx
  • 이후에 Install letsencrypt on amazon linux 2 따라서 Let's encrypt와 certbot 설치.
  • python-certbot-nginx 플러그인 설치: sudo yum install python-certbot-nginx
  • sudo certbot --nginx 실행하고 How to Secure Nginx with Let’s Encrypt on CentOS 8 의 Step 3: Install Lets Encrypt Certificate on CentOS 8 참조해서 certbot 설정.
  • /etc/nginx/nginx.conf 열어서 가장 마지막의 # Settings for a TLS enabled server. 이하 주석 해제
ssl_certificate "/etc/letsencrypt/live/yourdomain.com/cert.pem";
ssl_certificate_key "/etc/letsencrypt/live/yourdomain.com/privkey.pem";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout  10m;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';

참고문서