2.3 KiB
2.3 KiB
Generate a Certificate Using Let's Encrypt 🔒
To get around the certificate warnings in Chrome, you might want to install a certificate from a trusted Certificate Authority (CA). Luckily, there are CAs like Let's Encrypt which provide certificates for free.
Using Certbot
Certbot is the program we'll be using to issue certificates from Let's Encrypt.
Pre-requisites: You will need a domain name or subdomain pointed to the IP address of your server.
- Install Certbot by heading to the instructions page. Select None of the above for the software and the right operating system for your setup.
- Follow the installation instructions, and stop once you get up to the part
where you run the
certbot certonlycommand. - Ensure your code-server instance isn't running, and any other webservers that could interfere are also stopped.
- Run the following command, replacing
code.example.comwith the hostname/domain you want to run your server on, to issue a certificate:sudo certbot certonly --standalone -d code.example.com - Follow the prompts, providing your email address and accepting the terms where required.
- Once the process is complete, it should print the paths to the certificates and keys that were generated. You can now restart any webservers you stopped in step 2.
Starting code-server with a Certificate and Key
Just add the --cert and --cert-key flags when you run code-server:
./code-server --cert=/etc/letsencrypt/live/code.example.com/fullchain.pem --cert-key=/etc/letsencrypt/live/code.example.com/privkey.pem
You can now verify that your SSL installation is working properly by checking your site with SSL Labs' SSL Test.
Next Steps
You probably want to setup automatic renewal of your certificates, as they expire every 3 months. You can find instructions on how to do this in Certbot's documentation.