(Feb-2023) YouTube Training video on how to setup SSL Certificates for Bahmni:


Generating certificates can be achieved in two ways

  • Manual
  • Automated

Manual 

Please follow the steps mentioned below to generate the certificates manually

Install acme.sh

curl https://get.acme.sh | sh

DNS manual mode


acme.sh --issue --dns -d aa.com -d www.aa.com


Please make sure that you get an output like the one below:

Add the following txt record:
Domain:_acme-challenge.aa.com
Txt value:9ihDbjYfTExAYeDs4DBUeuTo18KBzwvTEjUnSwd32-c

Add the following txt record:
Domain:_acme-challenge.www.aa.com
Txt value:9ihDbjxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Please add those txt records to the domains. Waiting for the dns to take effect.


Rerun acme.sh with renew argument:

acme.sh --renew -d aa.com


Automated

Lego can be used to automate the process of generating certificates. Currently it comes with multiple optional DNS providers.

1.Download the latest version from releases 

Download from https://github.com/xenolf/lego/releases


2.Install golang -> https://golang.org/doc/install

Install golang from https://golang.org/doc/install


3.Obtain a certificate using the DNS challenge and AWS Route 53

AWS_REGION=us-east-1 AWS_ACCESS_KEY_ID=my_id AWS_SECRET_ACCESS_KEY=my_key lego --email="foo@bar.com" --domains="example.com" --dns="route53" run


For other ways to obtain certificate as mentioned in above step, refer DNS providers







Configure Valid SSL Certificates

Free SSL/TLS Certificates using LetsEncrypt