Setup SSL Certificates & Serve your Applications over HTTPS for Free with Dokku & Let's Encrypt

DevOps DevOps
Dokku Dokku
HTTPS HTTPS
Let's Encrypt Let's Encrypt
SSL Certificate SSL Certificate

In this tutorial we are going to take a look at how we can setup free SSL certificates for our Dokku powered applications with Let's Encrypt.

Let's Encrypt is a non-profit organization that provides TLS (Transport Layer Security) encryption at no charge. Their goal is to make the web a more secure place by providing free 90 days SSL certificates so that more people can server their applications and websites of HTTPS.

We will make use of Dokku's Let's Encrypt plugin to manage https:// for our applications and apply cron jobs so that our SSL certificates will auto-renew upon expiry.

First of all, make sure that you have added and set you domains from within your Dokku instance. I assume that you have changed your name servers and configured your DNS records specific to your server and domain according to the previous tutorials of this series.

dokku domains:add frontend yourdomain.com
dokku domains:set frontend yourdomain.com
dokku domains:add backend api.yourdomain.com
dokku domains:set backend api.yourdomain.com

Before we start we can also double check that everything is working as intended.

dokku domains:report

The report should contain the following output if we have setup our domains correctly.

=====> backend domains information
       Domains app enabled:           true
       Domains app vhosts:            api.yourdomain.com
       Domains global enabled:        true
       Domains global vhosts:         yourdomain.com
=====> frontend domains information
       Domains app enabled:           true
       Domains app vhosts:            yourdomain.com
       Domains global enabled:        true
       Domains global vhosts:         yourdomain.com

1. Install Dokku's Let's Encrypt Plugin

Dokku comes packed with plugins that integrate with third-party services like databases and other open-source tools. A plugin that I specifically like is Dokku's Let's Encrypt Plugin which makes it super simple to setup free SSL certificates that can be auto-renewed with cron jobs.

Let's install the plugin (on your server)

sudo dokku plugin:install https://github.com/dokku/dokku-letsencrypt.git

2. Add your Email to your Dokku Config

Add an email in your config for LetsEncrypt.

dokku config:set --no-restart backend DOKKU_LETSENCRYPT_EMAIL=some@email.com
dokku config:set --no-restart frontend DOKKU_LETSENCRYPT_EMAIL=some@email.com

3. Setup SSL certificates for your apps

As soon as the emails are added to your Dokku config we can go ahead and add SSL certificates to our apps. 

dokku letsencrypt backend
dokku letsencrypt frontend

4. Add Cron Jobs to automatically renew your SSL certificates

dokku letsencrypt:cron-job --add

dokku letsencrypt:auto-renew

Could it get any simpler? Your SSL certificates are now set up and your application is served via https://.

5. Redirect www. to non-www.

As a bonus I thought I'd share how you can redirect www. to non-www. to eliminate confusion for the end-user. To achive this we will use Dokku's redirect plugin.

dokku plugin:install https://github.com/dokku/dokku-redirect.git

When the plugin is installed we can go ahead and set the redirects.

dokku redirect:set backend www.api.yourdomain.com api.yourdomain.com

dokku redirect:set frontend www.yourdomain.com yourdomain.com

If you remember the old days of buying SSL certificates and uploading them via cPanel, you can truly appreciate the simplicity of this process. A Big shoutout to all the people working on the open-source project Dokku and the people behind Let's Encrypt!

Did You Enjoy the Tutorial?

Consider sending some love to Freddie the creator.

Comments (0)

You need to be logged in to comment..

Topics Mentioned in this Tutorial

DevOps
6
0
24
DevOps stands for Development Operations and is a set of practices used to improve software development and information-technology operations. Part of the DevOps responsibility is to setup servers, integrate continuous integration and continuous deployment (CI/CD) to maintain and improve the development life cycle....
Dokku
7
0
0
With Dokku web developers can build their own PaaS (Platform-as-a-Service) with help of Docker and open sourced Heroku build packs. Dokku Installs on any hardware and drastically lowers your cost as Dokku is both free and open source. The dokku setup process is extremly simple and only takes a matter of minutes to complete. Once Dokku is installed and your PaaS is ready for use you can push your local development project using Git. Which builds your applicaion using Heroku buildpacks that runs in isolated Docker containers. As a result, you can run your own PaaS on the cloud provider of your c...
HTTPS
1
0
0
HTTPS stands for Hypertext Transfer Protocol Secure and is the secure extension of HTTP (Hypertext Transfer Protocol). The protocol is used for secure communication of over computer networks and is most commonly used on the internet to serve web applications and websites securely. ...
Let's Encrypt
1
0
0
Let's Encrypt is a non-profit organisation that provides free SSL/TLS certificates. With Let's Encrypt developers can generate free 90 day SSL certificates that can be used to secure websites and applications. To date, Let's Encrypt have issued over 200 million certificates that secures websites across the web....
SSL Certificate
1
0
0
SSL certificates are used to establish a secure connection from web browser to server. The certificates are digital files that bind a cryptogrpahic key to a organizations details while at the same time allowing applications and websites to be served over HTTPS (https://)....