Generate or renew letsencrypt certbot certificate for load balanced nginx server on Digital Ocean

ssl-certificate load-balancing certbot digital-ocean

Solution 1:

As pointed out by @ceejayoz

This sort of situation is why Let's Encrypt supports DNS-based challenge/auth

You should use the DNS feature of certbot. This will require that you add a new TXT record to the DNS records that certbot will then validate against. This removes the necessity to send HTTP requests to the load-balanced machines.

Alternatively, you can setup the same challenge on all LB systems so that no matter which host the certbot client checks against, it gets the challenge back. This obviously won't work if your having certbot do standalone mode.

Related

Linux: How to optimally configure data partition on multi user system (including LDAP users)?
Wordpress installation not accepting AWS RDS credentials
How to create connection between AWS VPC and my PC/LAN?
Setting up Certification Authority on WinServer2003 and configuring IIS SSL
Interview Question: Virtualization and software quality assurance
error editing SharePoint page
Why is it necessary to chmod o+r parent directory to fix 403 access forbidden error with Nginx and Passenger?
How to instal the PHP MCrypt + library (libmcrypt) on CentOS 5 server
chmod -R 777 /. - RHEL 5.5
Executing SU in a bash script
Centos 6.3 disk space allocation
Server performance for high traffic? [closed]