https://www.digitalocean.com/community/tutorials/how-to-serve-flask-applications-with-gunicorn-and-nginx-on-ubuntu-18-04#step-6-%E2%80%94-securing-the-application says for running a flask web application with gunicorn and nginx with https:
Certbot provides a variety of ways to obtain SSL certificates through plugins. The Nginx plugin will take care of reconfiguring Nginx and reloading the config whenever necessary. To use this plugin, type the following:
sudo certbot --nginx -d your_domain -d www.your_domain
This runs certbot with the –nginx plugin, using -d to specify the names we’d like the certificate to be valid for.
https://stackoverflow.com/a/59702094/ says that for running an asp.net web application with https:
On Ubuntu the standard mechanism would be:**
dotnet dev-certs https -vto generate a self-signed cert
- convert the generated cert in ~/.dotnet/corefx/cryptography/x509stores/my from pfx to pem using
openssl pkcs12 -in <certname>.pfx -nokeys -out localhost.crt -nodes
- trust the certificate using
- verify if the cert is copied to
- verify if it’s trusted using
openssl verify localhost.crt
I was wondering if the above two ways are to achieve the same goal as obtaining a server certificate for a web server to host a web application?
Specifically, do the single
certbot command and the
dotnet dev-certs https and
openssl commands do the same thing?
Are the two ways working directly on web servers, instead of web applications?
Can the two ways replace each other in their use case scenarios? (suppose
dotnet dev-certs https would work on Ubuntu, for simplifying my questions.)
I am new to digital certificate, and have seen the above two approaches for different web application frameworks, and am trying to understand the commonality.