Why use ASGI/WSGI between Python application and nginx when Python application can directly communicate to nginx? Why is that middle man needed? These were the questions that came to my mind when I was dabbling with FastAPI and I have to install uvicorn to host the Python application. Whereas Python itself can open a port and listen to incoming request.

In this post we are going to provision HTTPS certificate from Let's Encrypt and use that in our SSL termination program nginx. We are going to use Ansible for this automation.

Today I'll go through how get and configure a HTTPS certificate from Let's Encrypt for all the subdomain. I have already posted about how we can automate installation of Jenkins & Nginx with Ansible. I have also done a post where I talk about how to enable HTTPS on a non-wildcard basis i.e. only for the root domain and not on subdomain.

I don't claim to be a DevOps expert. I just know some basic ssh and scp, that's all. I have done whatever server configuration till date by ssh'ing into instances and then configuring them by hand. But now-a-days I feel like spinning up and destroying a server has increased in my life style.

In 2014, Google hinted that they are running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms. This means it will affect SEO in some way. Today in the age of HTTP2, https is defualt. Default in the sense that many server software will only allow HTTP2 when https is configured.