So you have installed Kong and you are ready for it to go into production. Whoops, no SSL certificate yet? It is important that you add one, as credentials will be passing through your gateway and could be acquired by any party in between the client and your server.
But the standalone nginx plugin for certbot does not work with Kong, from my testing. The plugin is built for nginx, and Kong is not nginx.
Easiest Way is to Install Nginx
If Kong is running on port 80, then stop it: sudo systemctl stop kong
Install Nginx:
sudo apt install nginx
Install Certbot for nginx on your operating system
Get your certificates with the certonly option:
sudo certbot --nginx certonly
When that completes it will tell you where your certificates and keyfile are:
Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/api.fixes.co.za/fullchain.pem
Your key file has been saved at: /etc/letsencrypt/live/api.fixes.co.za/privkey.pem
Add these locations to ssl_cert and ssl_cert_key respectively.
Also make sure ssl = on
Stop Nginx and start Kong:
sudo systemctl stop nginx
sudo systemctl start kong
Remove nginx:
sudo apt remove nginx
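
An added example (not from the original post): a shell function that lints the settings from the configuration step above. It checks that ssl is on, that ssl_cert and ssl_cert_key point at readable PEM files of the right kind (which catches swapped paths), and warns when the private key is world-readable. The config file path is passed as an argument because the post does not name it, and the function names conf_get and check_kong_tls are hypothetical.

```shell
#!/bin/sh
# Added example: lint the TLS settings the steps above put into Kong's config.
# The config file path is an argument; the post does not name the file.

# conf_get FILE KEY: print the last uncommented "KEY = value" in FILE.
conf_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\([^#]*\).*/\1/p" "$1" |
        sed 's/[[:space:]]*$//' | tail -n 1
}

# check_kong_tls FILE: return 0 if the settings look right, 1 otherwise.
check_kong_tls() {
    conf=$1
    rc=0
    ssl=$(conf_get "$conf" ssl)
    cert=$(conf_get "$conf" ssl_cert)
    key=$(conf_get "$conf" ssl_cert_key)

    [ "$ssl" = "on" ] || { echo "FAIL: ssl is '$ssl', expected 'on'"; rc=1; }

    # The certificate chain must be readable and begin with a CERTIFICATE block.
    if [ -z "$cert" ] || [ ! -r "$cert" ]; then
        echo "FAIL: ssl_cert '$cert' is unset or unreadable"; rc=1
    elif ! head -n 1 "$cert" | grep -q -e '-----BEGIN CERTIFICATE-----'; then
        echo "FAIL: ssl_cert does not start with a certificate (paths swapped?)"; rc=1
    fi

    # The key file must hold a private key; -L follows certbot's symlinks.
    if [ -z "$key" ] || [ ! -r "$key" ]; then
        echo "FAIL: ssl_cert_key '$key' is unset or unreadable"; rc=1
    elif ! grep -q -e 'PRIVATE KEY-----' "$key"; then
        echo "FAIL: ssl_cert_key holds no private key (paths swapped?)"; rc=1
    elif [ -n "$(find -L "$key" -perm -004 2>/dev/null)" ]; then
        echo "WARN: private key $key is world-readable"
    fi

    if [ "$rc" -eq 0 ]; then echo "OK: Kong TLS settings look consistent"; fi
    return "$rc"
}
```

Run it as root, since the directories under /etc/letsencrypt/live are not readable by ordinary users.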