Install Cloudflare SSLs That Don't Expire for (up to) 15 YEARS!!

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey guys how's it going hope everybody's doing well out there today in our last docker video we talked a little bit about uh setting up uptime kuma as a monitoring service for the rest of your services and then we stuck that service behind a domain name using cloudflare and enginex proxy manager with let's encrypt server side ssls of course immediately after i released that video uh somebody in my discord i believe it was craig brought this to my attention that there is a much easier way to handle ssls with nginx proxy manager and in this video we're going to take a look at how to do exactly that but first a quick message from today's video sponsor yourcdk.com is a great place to get windows 10 keys at incredibly low prices so here we are on the microsoft windows 10 pro page and right here you can see the current price is 20 dollars and five cents but if you use the coupon code that's in the description down below you'll get it even cheaper so i'm going to go ahead and paste that in here and click apply and now our new total for windows 10 pro is about 15 bucks now i have the option to go ahead and view the keys right here so i'm going to go ahead and click on that then i'll click on get the key and then i'm going to come over here and right there you can change the product key so go ahead and click on that i'm going to go ahead and change the product key right here so i've entered my key and i'll click next then i'll click on activate and here we can see the windows is activated next what we want to do is go ahead and validate the key installation and right there you can see the windows 10 professional edition is permanently activated so head on over to yourcdk.com to get your next windows 10 pro key at ridiculously low prices okay so here we are on my desktop and we can see we've got uptime kuma running uh this is the one that we stuck on my little project server so we can take a look at how it works and that sort of thing and of course over here we've got uh cloudflare setup and we've got nginx proxy manager uh set up here let's actually go over to my proxy hosts so we can kind of see what's going on there so the problem with running uh nginx proxy manager and using let's encrypt ssls on your server is that those ssls have to be renewed about every 60 days so one of the problems with running uh let's encrypt ssls in nginx proxy manager when you're behind cloudflare uh more specifically using cloudflare's proxy is that sometimes the server side ssls won't update unless you're using dns challenges with your setup so what i want to show you how to do in this video is actually i have cloudflare generate an ssl that you can then download and install in your nginx proxy manager and then you have to deal with it for up to believe it or not 15 years so let's take a look at how to do exactly that okay so let's uh go from here on internet's proxy manager uh we'll just jump over here to ssls and here you can see i've got a bunch of let's encrypt stuff in here but i've got a couple of custom certificate providers and that's actually what we're going to do for our dbtech.click domain here so what we'll do is we're going to come over here to dns where we well actually we're going to do is come over here to ssl slash tls and right here you can see that this is set to full and that's fine but what we want to do is come over to origin server and right here what we're going to do is click on create certificate and all of this is basically fine the way it is you can adjust this if you want to but uh it's going to generate a 248 or sorry 2048 bit certificate uh you can use a private key in csr if you want to do that you can you can change this if you want to i would leave this just as it is below that we've got uh two host names listed in here we've got the root domain and we've also got a wildcard domain and right there you can see it's star.dbtech.click as well as just dbtep.click and that star.dbtech.click is actually our wildcard certificate so it will work with any subdomain that we put before dbtech.click so very very easy to use there and then below that we've got a how long do you want your certificate to last and by default it's 15 years uh you can do it from seven days all the way up to 15 years uh with different increments in between um i don't know if you want to do 15 years i that's what i've got mine set to and i haven't had any issues though it's only been about a week since i've done this so um but just know that there is an option to do this up to 15 years so let's just go ahead and click on create here so what we've done here is is what it well what it has done is it's created a couple of different keys we've got our pem file and our dot key files what we're going to do is just copy that and then we're going to open up notepad plus plus like so and then we're just going to create uh that and so we're going to uh save just control s that's all i did there so i'm going to say db tech uh slick dot p-e-m oops i spelled click wrong doesn't matter it doesn't it does not matter what you name these uh as long as uh the the you've got pem correctly and dot key correctly so uh so we're gonna go ahead and just save you know what i'm gonna do this i'm gonna do click ssl uh we're just gonna save it in there like so and then i'll minimize this and i'm gonna come over to here and i'm gonna copy that i'm gonna come back over to here and click new paste that and say uh control s for save and we'll do uh db tech oops click dot e like so so now we have a dot pem file and a dot key file and we're going to need both of those in order to make this work so what we'll do next uh is actually come back over to nginx proxy manager we'll go to ssls uh we'll go we're going to add an ssl that will be custom so we're going to call this db tech click so then we're going to choose our key file that's going to be this one right here this is going to be the dot key file right there and then the certificate will be the pem file so go ahead and do that you don't need an intermediate certificate just skip over that you you just you don't need it so click save and right here now we've got db tech click and right here we can see that it expires september 30th of 2036. uh whereas you can see these others like this one december of 2021 october 2021 all of these are 2021 which means that here in the next couple of weeks they're all gonna have to get updated and again if you're not running a dns challenge with your uh with your nginx proxy manager's connection to cloudflare it could be it could just not work at all so what we want to do next actually is we're going to come back over to here i'm going to back over to overview uh oh sorry we'll go to dns we'll add a record we're going to create a cname record uh we're going to call this uh status and at and um then this doesn't this doesn't matter because uh we're actually uh we're we're not going to use the proxy versus um unproxy doesn't matter for what we're doing here so now we have our dbtech.click setup there so then if we come back over to uh hosts well proxy host add a proxy host we'll say status.dbtech dot click again we're going to leave this http we're going to 192.168.1.183 um we're going to do this on 3001 i believe like so we're going to do uh block common we're going to do public uh yeah well block common exploits will do websocket support i'm going to leave this publicly accessible but what i'm going to do next is actually come over to ssls go to ssl and then we're just going to scroll down until we find our dbtech.click like so we're going to force that and then we'll click save it is also at this point where you can come back over to cloudflare and switch uh go over to ssls under overview and switch this from full to uh full strict because you will have an ssl a trusted ssl certificate on both ends of your setup now and so then what we're looking for is uh today's date which is going to be right here like so and just like that uh now we've got an ssl on our server that will not expire for the next 15 years now here's the thing like if you come back over to here and you click this and you go to certificate you're going to see that this is going to expire in approximately a year that is on the cloudflare side of things they will run all of their updates and everything in the background uh what we're focused mostly on right now is installing that certificate locally so we don't have to worry about any certificate on our servers expiring or not getting updated or things like that uh when you run a certificate this long like i said this is 15 years where we don't have to deal with updating certificates on our side so that's what i wanted to show in this video is kind of a way uh to get around some of the the issues with dns and proxy mode and dns challenges and all of that stuff so just install uh a cloudflare certificate locally and just be done with it i think that's how i'm gonna handle all of this moving forward and i encourage you to take a look at this and see uh if it's something that will work well for you so let me know in the comment section if this worked for you if you've got questions of course i'd love to hear those as well and i will answer any of them that i can uh or or feel are relevant to answers sometimes i get some real dumb questions i don't mean to be rude but sometimes i just get some questions that are like really did you did you did you did you even watch the video i asked somebody asked me a question and my first comment was did you watch the video he said no did he go watch it after after i called so anyway leave your questions down below be more than happy to answer the ones that are relevant um and i think i'm gonna go ahead and wrap things up but first of course i do want to give a big shout out to my channel members my patrons thank you guys so very much uh also if you guys want to pick up your own dot click domain uh through the end of the year you can pick up up to three dot click domains uh through pork bun for 99 cents a pop if you want to do that all of that information will be available in the description down below but with all that being said i'm gonna go ahead and wrap this up as always thanks for your time i always appreciate your support and i'll talk to you the next video [Music] [Music] you

Info

Channel: DB Tech

Views: 26,792

Rating: undefined out of 5

Keywords: DB Tech, DBTech, Install CloudFlare SSLs That Don't Expire for 15 YEARS, Install CloudFlare SSLs, Install CloudFlare SSLs on NGINX Proxy Manager, Install Custom SSLs on NGINX Proxy Manager, 15 Year CloudFlare SSLs on NGINX Proxy Manager, 15 Year CloudFlare SSLs, CloudFlare and NGINX Proxy Manager, NGINX Proxy Manager SSL Update

Id: pwK1LnbTitI

Channel Id: undefined

Length: 10min 27sec (627 seconds)

Published: Tue Oct 05 2021