In this article you will learn how to use the make-https subcommand in Sail
to request and install a free SSL/TLS certificate from Let's Encrypt.
After you've added and pointed your domain name to your Sail application, you can request an SSL/TLS certificate from Let's Encrypt using the following command:
sail domain make-https example.org www.example.org
Make sure to include any subdomains (such as www) that you want to also be covered by the certificate.
Any issued certificates will automatically be installed on your server, and renewed a few weeks before their expiry date. HTTP traffic will be redirected to HTTPS automatically.
After the certificate has been issued and installed, it is recommended to force-update your primary domain to include HTTPS:
sail domain make-primary example.org --force
Learn more about primary domains here.
If you see the following error while trying to make-https:
Error: Could not obtain SSL certificate for example.org
This means that your domain is likely not pointing to your server correctly. This could be a result of DNS misconfiguration, or simply a propagation problem, since nameserver changes can take up to 48 hours to propagate globally.
You can use tools like whois and dig to make sure your domain is configured
correctly. You could also run make-https in debug mode using the --debug flag
to get more verbose output:
sail --debug domain make-https example.org
Also note that Let's Encrypt has rate limiting in place to prevent abuse, so it is recommended not to attempt to request certificates for the same domain multiple times in a row. If you're waiting for DNS propagation, give it an hour or two and then try again.
If you you're having trouble obtaining your SSL certificate with Sail, please refer to our getting help section.