Improve setup with Let's Encrypt

ffdixon · ffdixon · commit 9c7ea703a889 · 2020-03-22T07:30:36.000-05:00
diff --git a/_posts/2019-02-15-install.md b/_posts/2019-02-15-install.md
@@ -803,6 +803,10 @@ $ sudo apt-get install certbot
 
 Next, generate a set of 4096-bit diffie-hellman parameters to improve security for some types of ciphers.
 
+```bash
+sudo openssl dhparam -out /etc/nginx/ssl/dhp-4096.pem 4096
+```
+
 Before you can generate a certificate on your server, you need to configure BigBlueButton to use the intended hostname.  If you have not already done so, use the following command (replace `bigbluebutton.example.com` with your own DNS name), to configure the BigBlueButton server with your hostname.
 
 ```bash
@@ -865,7 +869,11 @@ And add the following two lines at the bottom:
 
 These two directives will execute the `certbot renew` command every Monday at 2:30 am, and then reload Nginx at 2:35am (so the renewed certificate will be used). The output will be piped to a log file located at /var/log/le-renewal.log, so you can always check it later.
 
-To finish the SSL configuration, continue with the steps at [Configure FreeSWITCH to user WebRTC](#configure-freeswitch-for-using-ssl).
+To finish the SSL configuration, do
+
+  * [Configure FreeSWITCH to user WebRTC](#configure-freeswitch-for-using-ssl)
+  * [Configure BigBlueButton to load session via HTTPS](#configure-bigbluebutton-to-load-session-via-https)
+  * [Test your HTTPS configuration](#test-your-https-configuration)
 
 # Troubleshooting
 
