Hi, Habr. This post is intended for fans of freebies and contains a ready-made recipe for obtaining a domain name, DNS server services and an SSL certificate with costs of 0 rubles 0 kopecks. Free cheese is only in a mousetrap, and this is true, so the recipe is more likely for those who want a nice link to their personal small project with https support and not for serious projects.

Domain name

We go to the site www.registry.cu.cc , we immediately drive in the desired name and click check availability => checkout if the desired name is available. After that, we register and go to a private office where we see our domain names.







We find the right name, go to Nameserver and register DNS DNS there.

DNS server

Next, go here pdd.yandex.ru/domains_add and add the newly created domain name.

')



We see that "Could not find a domain in DNS", wait until Yandex finds it.





After that, we confirm ownership of the domain by adding the appropriate CNAME record as written in the detailed Yandex instructions. After that we wait until Yandex finds the necessary record and confirms ownership of the domain. It may take quite a long time.









After that, we see the long-awaited inscription that the domain is connected and delegated to DNS DNS.





Next, go to the DNS Editor and add an A - record linking the domain name to the ip - address of your server.





It may take quite a long time until this A - entry takes effect. Let's launch something locally (after all, we have registered the server address 127.0.0.1) and see how our domain will be resolved. Works!





On this all with the DNS server, now let's get to get the ssl certificate and provide access to our server via https (security is above all).

SSL certificate

Go to www.startssl.com/Validate , register, select the Validations Wizard => Domain Validation (for SSL certificate) , enter our domain





And there we are offered to prove that we own a domain using an e-mail, we choose any that we like, we create it in Yandex. We send the letter there, we take the code from there and we prove that the domain belongs to us.









Then we go to the Certificates Wizard => Web Server SSL / TLS Certificate , specify our domain, generate and insert the key and click submit





The key can be generated for example

mkdir ./certificates mkdir ./certificates/habr.cu.cc cd ./certificates/habr.cu.cc openssl genrsa -out ./habr.cu.cc.key 2048 openssl req -new -sha256 -key ./habr.cu.cc.key -out ./habr.cu.cc.csr cat ./habr.cu.cc.csr 

Certificate received! Download the archive





Unpack and copy the key files to the nginx directory

 cp ~/Downloads/habr.cu.cc/1_habr.cu.cc_bundle.crt /usr/local/etc/nginx/1_habr.cu.cc_bundle.crt cp ./habr.cu.cc.key /usr/local/etc/nginx/habr.cu.cc.key nano /usr/local/etc/nginx/nginx.conf 

A little we configure config



server {

listen 8080;

ssl on;

server_name localhost;

ssl_certificate /usr/local/etc/nginx/1_habr.cu.cc_bundle.crt;

ssl_certificate_key /usr/local/etc/nginx/habr.cu.cc.key;



Restart nginx

 nginx -s stop nginx 

We open our page using https ... and everything works!





We received a domain name, DNS server services and a confirmed SSL certificate without paying anyone a penny, and it was completely legal. To launch our ultra-mega-gig service, all that remains is to raise the VPS and deploy our program there. Alas, today a free VPS is too good and unreal, you still have to pay for your VPS-server in bloody dollars from your own pocket. But nevertheless all have a good weekend and I hope the note will be useful to someone.