I have always struggled with how packages are versioned and published to the npm registry.
My main concern is that you probably want to also add a git tag to your source code when you are releasing a new version, but npm packages have their own versioning system, and include a &quot;version&quot; field in the package.json
Because of this, most of the workflows I have seen, usually involve:
<ol>
<li>Running <code>npm version ...</code>. This will update the &quot;version&quot; field in the package.json file.</li>
<li>Publishing the package to the npm registry, using the version set in previous step.</li>
<li>Committing to git, so that we track the change in package.json file.</li>
<li>Adding a git tag.</li>
<li>Pushing to git remote to track new commit and new tag.</li>
</ol>
<blockquote>
Steps 3 and 4 are frequently done automatically as part of <code>npm version</code>.
</blockquote>
For me this flow has two main problems:
<ul>
<li>
My personal preference is that everything is driven by git tags, making them the single source of truth.
This would allow to just have one manual step -&gt; <code>git tag -a v1.0.0 -m &quot;...&quot; &amp;&amp; git push origin --tags</code>. Then, this would trigger a number of potential automations, including publishing to the npm registry, but also others like creating a release with the appropriate release notes, building release artifacts, etc.
</li>
<li>
The &quot;version&quot; field in the package.json file can very easily become outdated, if you git-tag by mistake before publishing the package, or if pushing the changes fails after <code>npm version ...</code> has been run.
I&#x27;ve seen this happening more often than it seems.
</li>
</ul>
Because of this, my current take when publishing npm packages for my personal projects is:
<ol>
<li>
Get rid of the &quot;version&quot; field from the package.json file. It&#x27;s misleading in source code, as it can very easily be out of date.
The only case where it&#x27;s useful is when the package has been installed and is inside node_modules, as other packages will assume this field to exist and have the right value on it.
In this case it&#x27;s always going to be correct due to the<code>npm version ...</code> + <code>npm publish</code> tandem (see next point).
</li>
<li>
Creating the git tag is the only &quot;manual step&quot;. This triggers an automation running <code>npm version ${GIT_TAG} --git-tag-version=false &amp;&amp; npm publish</code> (this is simplified. You probably also need to build your project and other potential extra steps).
The version to publish is inferred from the git tag (<code>${GIT_TAG}</code> is just a placeholder), and only at this stage we will set the &quot;version&quot; inside package.json, just before the package is published.
</li>
<li>
Other automations that need to happen during releases, can be also triggered now, like publishing release notes, building artifacts, etc.
</li>
</ol>
<blockquote>
As an example, you can see <a target="_blank" rel="noopener noreferrer" href="https://github.com/shlinkio/github-actions/blob/24de7a2b89a9eb11b0acfd184de7187698b051b6/.github/workflows/js-lib-publish.yml">this GitHub actions workflow</a>, which follows this approach.
</blockquote>

I have always struggled with how packages are versioned and published to the npm registry. My main concern is that you probably want to also add a git tag to your source code when you are releasing a new version, but npm packages have their own versioning system, and include a "version" field in…

My current take when publishing packages to the npm registry

A couple of weeks ago I migrated a React project using redux to <a target="_blank" rel="noopener noreferrer" href="https://redux-toolkit.js.org/">Redux Toolkit</a>.
Redux has always been my preferred state management tool for React (which doesn&#x27;t mean I &quot;love&quot; it), but one of its main problems is the amount of boilerplate code it requires.
Because of that I had a couple of helper functions, but there was still some things not properly handled, like proper type inference on reducers and actions (I use TypeScript).
A bit by accident (I think it was on Twitter), I found out about Redux Toolkit (RTK from now on), an official library from the redux team, which provides some opinionated helpers to reduce the amount of boilerplate, and I decided to give it a chance.
These are my impressions.
<h3>TL;DR</h3>
I first started to use it in a proof of concept, and I quickly loved it.
RTK does not &quot;replace&quot; any of the redux principles, so you can progressively adopt it, by replacing small bits of code. My plan was to use it just for some reducers, but I liked it so much that I ended up migrating the whole project in a series of consecutive pull requests.
<h3>A bit of context</h3>
Before the migration, I used to follow the <a target="_blank" rel="noopener noreferrer" href="https://github.com/erikras/ducks-modular-redux">ducks modular pattern</a>, which promotes putting all your action types, action creators and the reducer handling those actions on the same module.
This fits pretty well with RTK, as in most of the cases you will use <a target="_blank" rel="noopener noreferrer" href="https://redux-toolkit.js.org/api/createSlice">slices</a>, and end up exporting the reducer and action creators returned by it, from the same module.
If you use <a target="_blank" rel="noopener noreferrer" href="https://redux-toolkit.js.org/api/createAsyncThunk">async thunks</a>, they usually need to be used by that same slice, so it&#x27;s not a bad idea to export them also from there.
<h3>Why I love it</h3>
There are a couple of reasons for which I loved RTK right away. The main one is that they make an impressive work on making type inference in TypeScript work properly.
<ul>
<li>Slices detect the type of the initial state in order to know what is expected to be passed as <code>state</code> to reducers.</li>
<li>You can infer the type of your store from what is generated by <code>configureStore</code> or <code>combineReducers</code> functions, allowing you to also properly type the <code>dispatch</code> function.</li>
<li>Action creators are generated with the proper param types based on the reducers provided to <code>createSlice</code> or the callback provided to <code>createAsyncThunk</code>.</li>
<li><code>createSlice</code> can consume all the action creators generated by <code>createAsyncThunk</code>, and infer the proper payload for each one of them.</li>
</ul>
Thanks to this, the code is super predictable and potential bugs can be caught sooner.
<blockquote>
More details on how to use RTK with typescript https://redux-toolkit.js.org/usage/usage-with-typescript
</blockquote>
But this is not the only benefit. Other reasons that make it very nice to work with are:
<ul>
<li>It keeps the same concepts from Redux, but removing the boilerplate or your own helper functions if you have them (yes, I didn&#x27;t want to keep all those <code>switch</code> statements everywhere).</li>
<li>It is mostly transparent for the components dispatching the actions or consuming the state.</li>
<li>All the tests covering your reducers/actions/components should keep passing, as the outcome from RTK is the same as if you built everything manually.</li>
<li>It introduces a couple of extra helpers, like <a target="_blank" rel="noopener noreferrer" href="https://redux-toolkit.js.org/rtk-query/overview">RTK query</a> or the <a target="_blank" rel="noopener noreferrer" href="https://redux-toolkit.js.org/api/createListenerMiddleware">listener middleware</a>, which is very useful to dispatch actions as a result of other actions being dispatched.</li>
</ul>
<h3>Challenges I found</h3>
Of course, adopting a new tool always comes with some challenges.
The main &quot;problem&quot; I found is that RTK is a bit opinionated, but that&#x27;s precisely how they manage to reduce boilerplate code, and it&#x27;s also &quot;advertised&quot; in their website, so not a big surprise.
I usually prefer to be in control of everything (configuration over convention), but that&#x27;s just a personal preference, and sometimes it&#x27;s ok to accept a bit of magic for the sake of simplicity.
This caused the next challenges for my particular case:
<ul>
<li>
RTK assumes your project follows a strict <a target="_blank" rel="noopener noreferrer" href="https://redux.js.org/tutorials/fundamentals/part-7-standard-patterns#flux-standard-actions">Flux pattern</a>, meaning your actions always have the properties <code>type</code>, <code>payload</code> and optionally <code>meta</code> and <code>error</code>.
I was not following this pattern (my actions had the payload &quot;mixed&quot; on the first object level), so I had to adapt all my actions first, fix the tests, then migrate the reducer to RTK and make sure the tests kept passing.
<div></div>
</li>
<li>
Immutability is no longer promoted in reducers. Instead, the library requires <a target="_blank" rel="noopener noreferrer" href="https://immerjs.github.io/immer/">immer</a> internally, and using proxies they automatically ensure immutability, even if you &quot;mutate&quot; the state.
This feels a bit counterintuitive at first, because redux always promoted an immutable approach, and the use of immer is not obvious.
However, they have <a target="_blank" rel="noopener noreferrer" href="https://redux-toolkit.js.org/usage/immer-reducers#why-immer-is-built-in">good reasons</a> to do it, and if your reducers return a state object, you can still use the immutable approach. It&#x27;s up to you.
<div></div>
</li>
<li>
Action creators resulting of <code>createAsyncThunk</code> can only have one argument.
This is because the async thunk callback receives a second argument containing the <code>dispatch</code> and <code>getState</code> functions, as well as a couple of other goodies, enforcing this convention to avoid human errors.
<div></div>
</li>
<li>
You cannot dispatch other actions after the callback passed to <code>createAsyncThunk</code>, because it has to return the payload and RTK dispatches the action for you.
However, this is probably something you usually should not be doing, and in my case, I resolved it with the <a target="_blank" rel="noopener noreferrer" href="https://redux-toolkit.js.org/api/createListenerMiddleware">listener middleware</a>, listening for the second action in order to dispatch the second one.
</li>
</ul>
<h3>Conclusion</h3>
My conclusion is that RTK is definitely worth it if you use redux.
It makes code simpler, more predictable and better typed. However, it still requires knowing how redux works internally and what are its patterns, in order to understand why the library exposes the helpers it exposes and why.
For existing redux projects, you can migrate progressively, addressing the challenges bit by bit and not all at once, which simplifies its adoption.
For new projects in which you want to use redux, I would recommend starting right away with RTK.

A couple of weeks ago I migrated a React project using redux to Redux Toolkit. Redux has always been my preferred state management tool for React (which doesn't mean I "love" it), but one of its main problems is the amount of boilerplate code it requires.

Because of that I had a couple of helper…

My experience migrating to Redux Toolkit (RTK)

In 2019, GitHub published their own solution to run automated workflows called GitHub Actions, which allowed those hosting their code in GitHub, to be able to define and run their CI/CD pipelines in the same platform. When it was released, one of the main pain points to use it was that defining…

How to reduce duplication in your GitHub Actions workflows

Recently ReactJS v18 was released. I started to look into its improvements, and checked which of my projects could benefit from them.
The main react-based project I maintain at the moment of writing this article is <a target="_blank" rel="noopener noreferrer" href="https://github.com/shlinkio/shlink-web-client">shlink-web-client</a>, so I naturally created a new branch and started the process.
The update was quite smooth, as most of the other dependencies I was using from the react ecosystem were already updated to support v18. All but one, <a target="_blank" rel="noopener noreferrer" href="https://enzymejs.github.io/enzyme/">enzyme</a>, the testing framework I was using to unit-test react components.
To be precise, I was able to continue running my tests, but some of them (those using <code>mount</code> instead of <code>shallow</code>) were still rendering components with the &quot;old&quot; React v17 approach, causing them to behave as in that version and a warning being printed in the console.
<h3>First fix attempt</h3>
The way enzyme integrates with the react version you are using is through an adapter library. The last official one supports only React v16, but someone released an <a target="_blank" rel="noopener noreferrer" href="https://github.com/wojtekmaj/enzyme-adapter-react-17">unofficial adapter for v17</a> which, with close to 650k weekly downloads, quickly became the way to go.
I checked if there was one for React 18, but sadly there wasn&#x27;t.
Also, the author of the adapter for v17 posted an article indicating <a target="_blank" rel="noopener noreferrer" href="https://dev.to/wojtekmaj/enzyme-is-dead-now-what-ekl">enzyme is dead</a>, he was not going to release one for v18, and publishing one for v17 was a mistake.
With those facts in mind, I started to face what was probably going to be the moment to migrate to <a target="_blank" rel="noopener noreferrer" href="https://testing-library.com/docs/react-testing-library/intro">react testing library</a>.
<h3>Migration strategy</h3>
I decided to follow a migration strategy similar to the one suggested in the article above, but with a couple of modifications:
<ul>
<li>I update to React 18 anyway, as tests still pass.</li>
<li>Migrate right away all tests using <code>mount</code>, as those are the ones behaving differently.</li>
<li>New tests should be written directly with react testing library (RTL from now on).</li>
<li>When an existing test needs to be changed, consider migrating it to RTL, and do it if there&#x27;s time.</li>
<li>Introduce some PR from time to time just migrating a handful of tests.</li>
<li>Once everything is migrated, get rid of everything related with enzyme.</li>
</ul>
<h3>First contact and impressions</h3>
I was a bit sceptical with RTL, as it was focused more on integration tests, instead of unit tests, which meant I had to completely change the mindset to write tests.
It also didn&#x27;t support shallow rendering, meaning that you will end up sometimes rendering a bigger component tree when testing container-like components, potentially causing side effects that could affect your test.
On the other hand there&#x27;s more and more people stating that <a target="_blank" rel="noopener noreferrer" href="https://kentcdodds.com/blog/why-i-never-use-shallow-rendering">shallow rendering is an anti-pattern</a>, and that&#x27;s probably the reason of enzyme getting &quot;discontinued&quot;.
Also, RTL has become the <a target="_blank" rel="noopener noreferrer" href="https://reactjs.org/docs/testing.html#tools">officially recommended framework</a> to test react components, it has become very popular, and it has even joined a wider group of testing libraries under the <a target="_blank" rel="noopener noreferrer" href="https://testing-library.com/"><code>@testing-library</code></a> organization.
The thing is that I started to use it, and I was quickly surprised with how it felt to work with it, and all the benefits it was bringing to my tests.
<h3>Benefits I have experienced</h3>
Once I started migrating the first tests I noticed some benefits:
<ul>
<li>Changing my mindset was actually easier than I thought. The docs are very well written, so it&#x27;s relatively easy to start using RTL.</li>
<li>My tests got simpler, and required less of those nasty global mocks that jest allows (I&#x27;m looking at you, <a target="_blank" rel="noopener noreferrer" href="https://jestjs.io/es-ES/docs/mock-functions#mocking-modules"><code>jest.mock</code></a>).</li>
<li>Tests were way less coupled with implementation details. I moved from testing the component props, to test what the user would see on the screen.</li>
<li>Related with previous point, I started to write my tests by looking at the screen instead of the component&#x27;s implementation.</li>
<li>Changes in source code led to fewer tests requiring to be changed.</li>
<li>A progressive migration was possible, where some tests still use enzyme and others are already using RTL.</li>
</ul>
And overall, it felt good and I have already dedicated a couple of PRs just to migrate more tests.
<h3>Challenges I faced</h3>
But of course, migrating to a new tool always comes with its own challenges, and this was not an exception. I&#x27;ll explain the main ones I have faced so far and how I tackled them:
<ul>
<li>
RTL lets you do some things in a couple of different ways, and the docs may not be super clear about what&#x27;s the recommended option.
For this I recommend reading <a target="_blank" rel="noopener noreferrer" href="https://acel.me/DCMb1">this article</a> from Kent C. Dodds, RTL&#x27;s author, which explains some common mistakes when using the library.
</li>
<li>
At first, I struggled a bit with asynchronous side effects and state changes in components, which can easily end up printing a warning like <code>Warning: An update to MyComponent inside a test was not wrapped in act</code>.
The warning also explains how you are supposed to solve this by wrapping your code in <code>act()</code>, but this warning comes from React, not RTL, and what it is not telling you is that RTL already wraps all needed operations in <code>act()</code>.
What this error usually mean is that you are not waiting for something to happen. <a target="_blank" rel="noopener noreferrer" href="https://acel.me/jnUdT">This other article</a>, also from Kent C. Dodds, explains everything you need to know about the things that can lead to this warning, and how to solve them.
</li>
<li>
Since you start testing from the user point of view, some use cases can be challenging to test without coupling with implementation details. For example, when you have a component which dynamically renders different images or icons, I used to directly check the component properties.
For this I found the best solution was to use <a target="_blank" rel="noopener noreferrer" href="https://jestjs.io/docs/snapshot-testing">jest snapshots</a>. I didn&#x27;t want to manually check which SVG was being rendered in the DOM, just that different ones were being used in every case.
<pre class="language-tsx"><code class="language-tsx">// I went from this...
test(&#x27;...&#x27;, () =&gt; {
 const wrapper = shallow(&lt;MyComp dynamicValue=&quot;foo&quot; /&gt;);
 expect(wrapper.find(FontAwesomeIcon).prop(&#x27;icon&#x27;)).toEqual(someIcon);
})

// To this
test(&#x27;...&#x27;, () =&gt; {
 const { container } = render(&lt;MyComp dynamicValue=&quot;foo&quot; /&gt;);
 expect(container.firstChild).toMatchSnapshot();
})
</code></pre>
</li>
<li>
Something very similar happens if you use some library that renders canvas. There&#x27;s no way to test that from a DOM point of view, which is what RTL does.
In my case I was using <a target="_blank" rel="noopener noreferrer" href="https://www.chartjs.org/">Chart.js</a> to render some charts, so I used <a target="_blank" rel="noopener noreferrer" href="https://github.com/hustcc/jest-canvas-mock">jest-canvas-mock</a>, which exposes a method on the canvas to see which are all the events invoked from the library.
Then I used snapshots again to verify they had the expected &quot;shape&quot;.
<pre class="language-tsx"><code class="language-tsx">// I went from this...
test(&#x27;...&#x27;, () =&gt; {
 const wrapper = shallow(&lt;MyCompWithCanvas /&gt;);
 expect(wrapper.find(Chart).prop(&#x27;data&#x27;).datasets).toEqual(...);
})

// To this
test(&#x27;...&#x27;, () =&gt; {
 const { container } = render(&lt;MyCompWithCanvas /&gt;);
 const events = container.querySelector(&#x27;canvas&#x27;)?.getContext(&#x27;2d&#x27;)?.__getEvents();

 expect(events).toBeTruthy();
 expect(events).toMatchSnapshot();
})
</code></pre>
</li>
</ul>
<h3>Conclusion</h3>
For better or worst, enzyme should no longer be considered an option. If you are starting a new project or are using it on small ones, consider migrating to RTL as soon as possible.
If you are using it in bigger projects, following the process described in this article will probably help you.
In any case, you will get surprised. React testing library is a great tool and provides many benefits over enzyme.
Its main issue is that it&#x27;s not a drop-in replacement for enzyme, so you will have to change a bit your mindset.

Recently ReactJS v18 was released. I started to look into its improvements, and checked which of my projects could benefit from them. The main react-based project I maintain at the moment of writing this article is shlink-web-client, so I naturally created a new branch and started the process.

The…

My experience migrating from enzyme to react testing library

Capturing code coverage for a test suite is a very useful way to know which parts of your source code are actually getting executed by tests. This is useful not only to know if you need to add more tests to your project (in case the coverage is too low), but also, if you want to apply technics like…

Capturing remote code coverage in API tests with PHPUnit

Docker is, without any doubt, the trending tool these days. Everybody wants to use it, because it is very useful, allowing to easily generate development environments for any kind of application.
A couple months ago I started working with docker myself (it has taken me a while, I know), and now I can&#x27;t imagine working without it.
I started using it at work, but now I&#x27;m migrating all of my OSS projects too.
<h3>The first stopper</h3>
Regardless docker is very cool, there is a problem when you start using it.
I had my development environment perfectly configured, and all my tools properly integrated. I was able, among other things, to run any project tests from within PhpStorm, just by right-clicking any test class, test method or phpunit.xml file, and selecting the &quot;Run&quot; option.
However, once you start using docker in the project, it is not that simple.
<h3>Integration with PhpStorm</h3>
Gladly, since PhpStorm is a very powerful tool, it supports integration with docker, which can be then used, among other things, to automatically run tests inside a container.
<blockquote>
From this point, I&#x27;m going to explain the process, assuming you have already installed docker in your system. If not, you need to install at least <a target="_blank" rel="noopener noreferrer" href="https://docs.docker.com/engine/installation/">docker engine</a> and <a target="_blank" rel="noopener noreferrer" href="https://docs.docker.com/compose/install/">docker compose</a>.
</blockquote>
The first thing you need to do is configure the connection with docker engine. Go to Settings -&gt; Build, Execution, Deployment -&gt; Docker.
Click the green plus button and a new docker connection will be created. The only value you should need to change is the API URL:
<ul>
<li>Linux: unix:///var/run/docker.sock</li>
<li>Windows and Mac: http://127.0.0.1:2376 (The URL of the docker machine. If you are using the deprecated docker toolbox with boot2docker, you have to make sure which is the IP address of the virtual machine)</li>
</ul>
<img src="/assets/img/phpstorm-docker/phpstorm-docker.png" alt="Docker in PhpStorm"/>
Apply changes and we are done here.
<h3>Create the remote interpreter</h3>
Now let&#x27;s create a remote interpreter. It will be used so that tools that need a php runtime are executed inside a docker container.
Go to Settings -&gt; Languages &amp; Frameworks -&gt; PHP. In here, you select the default interpreter for your project.
<img src="/assets/img/phpstorm-docker/interpreter.png" alt="Interpreter"/>
Click the button with the three dots, which will open the dialog to create a new interpreter.
<img src="/assets/img/phpstorm-docker/interpreter-dialog.png" alt="Interpreter dialog"/>
In that dialog you will likely have a local interpreter. Click the green plus button, at the top-left corner, and select Remote.
That will open the dialog to create a new remote interpreter. One of the options is to use a docker image from which PhpStorm will create a docker container that should contain a php interpreter.
<img src="/assets/img/phpstorm-docker/docker-interpreter.png" alt="Docker iterpreter"/>
In this dialog, just select the server (this is the connection with the docker engine, the one we created in the first step), then select the docker image you want to use. The dropdown will be filled with all the images in your machine.
Finally select the interpreter path. Usually, <a target="_blank" rel="noopener noreferrer" href="https://hub.docker.com/_/php/">PHP-based docker images</a> have the php interpreter in the PATH, so just setting <code>php</code> should be enough.
Save everything and we are done configuring the interpreter.
<h3>Create the PHPUnit config</h3>
Now that the interpreter is created, we have to define a phpunit configuration that uses it.
Go to Settings -&gt; Languages &amp; Frameworks -&gt; PHP -&gt; PHPUnit, Use the green plus button at the top-left corner, select By Remote interpreter and a dialog window will be prompt.
It only contains a dropdown where you have to select the remote interpreter we created in previous step.
Select it and you&#x27;ll see a configuration similar to this.
<img src="/assets/img/phpstorm-docker/phpunit.png" alt="PHPUnit configuration"/>
As you can see, PhpStorm mounts the project dir as a volume inside the container, in the <code>/opt/project</code> dir, and based on that path, selects the path to composer&#x27;s autoloader script and the phpunit.xml script.
If any of those params is not correct in your project, you can (and should) change it.
And that&#x27;s it!
Now, you can right-click any test class, test method or phpunit.xml file and select &quot;Run&quot;. PhpStorm will automatically connect with docker engine, set up a temporary container and run the tests inside of it.
You&#x27;ll know it is working because of this:
<img src="/assets/img/phpstorm-docker/tests-in-container.png" alt="Tests inside container"/>
<h3>Conclusion</h3>
PhpStorm&#x27;s team is always working to add integrations with the latest development tools, making it the most powerful IDE for PHP.
Now go, configure your environment and start using docker. It&#x27;s amazing!

Docker is, without any doubt, the trending tool these days. Everybody wants to use it, because it is very useful, allowing to easily generate development environments for any kind of application. A couple months ago I started working with docker myself (it has taken me a while, I know), and now I…

Run PHPUnit tests inside a docker container from PhpStorm

<a target="_blank" rel="noopener noreferrer" href="https://letsencrypt.org/">Let&#x27;s Encrypt</a> is the latest internet trending. Its a relatively young Certification Authority which intends to provide free and automated SSL certificates so that everybody can set encryption to their sites and applications.
It is a <a target="_blank" rel="noopener noreferrer" href="https://www.linuxfoundation.org/">Linux Foundation</a> project sponsored by most of the biggest Internet companies, such as Google, Facebook, Mozilla or Cisco.
They provide tools to automatically generate, setup and renew SSL certificates, but those tools are still in early stages, and not all the integrations are easy.
In this article I&#x27;m going to explain how to setup one of this certificates in an Amazon Web Services Elastic Load Balancer (ELB from now on).
<h3>Generate the certificate</h3>
There are very good tutorials out there on how to generate a certificate, so I&#x27;m not going to dedicate much to this.
I usually follow the instructions from <a target="_blank" rel="noopener noreferrer" href="https://certbot.eff.org/">certbot</a>.
In there, you have to choose the web server of your choice, in this case &quot;None of the above&quot;, and your operating system, for example Ubuntu 16.04 (the only difference with older Ubuntu versions is that you can install the CLI tool from the standard repositories, otherwise there is a previous step where you have to download the <code>certbot-auto</code> script and run it, but that&#x27;s it).
Once you have installed the <code>letsencrypt</code> tool (or <code>certbot-auto</code>), you have to generate the certificate with the webroot plugin. This plugin just generates the certificate by providing the document root for each domain that will be included in the certificate.
<pre><code>letsencrypt certonly --webroot -w /var/www/mydomain -d mydomain.com -d www.mydomain.com -w /var/www/cool-site -d cool-site.com -d www.cool-site.com
</code></pre>
This will create a certificate valid for mydomain.com, www.mydomain.com, cool-site.com and www.cool-site.com.
All of the domains get verified from let&#x27;s encrypt side by putting a temporary hidden file inside provided web root folders.
In this case, the first two domains will be checked in the /var/www/mydomain folder, and the last two in /var/www/cool-site. If those domains are really served from there, the certificate will get properly created.
The problem with this in an Elastic Load Balancer is that you are running this tool in one server, but you will have more than one balanced server. This could make the previous process fail if the wrong server responds to the let&#x27;s encrypt check request.
To prevent this you will have to leave just one server temporarily. Don&#x27;t worry, it only takes a few seconds. Once the certificate is created you can add the rest of the servers again.
<blockquote>
There are other plugins which simplify deploying certificates in standalone web servers.
</blockquote>
<blockquote>
For example, the apache plugin automatically sets the configuration in the apache virtual host of your choice.
</blockquote>
If everything worked, you should now have 4 files in the <code>/etc/letsencrypt/live/mydomain.com</code> folder.
<pre><code>/etc/letsencrypt/live/mydomain.com
 |-- cert.pem
 |-- chain.pem
 |-- fullchain.pem
 |-- privkey.pem
</code></pre>
<h3>Setup the certificate in an ELB</h3>
Now that you have your certificate files, you need to upload them to the ELB.
Go to the AWS web console, select the EC2 service and go to Load Balancers. Once there select the load balancer of your choice and go to the Listeners tab.
<img src="/assets/img/load-balancers-listeners.png" alt="Load Balancer listeners"/>
Now you have to click on the &quot;Change&quot; link, in the SSL Certificate column of the HTTPS protocol, in order to set the new certificate.
<img src="/assets/img/load-balancers-set-certificate.png" alt="Load Balancer set SSL Certificate"/>
In this window, select the third option, Upload a new SSL certificate to AWS... and set the name of your choice for it.
Then, in the Private key field you have to place the contents of the <code>cert.pem</code> file, and in the Public key certificate field, the contents of the <code>fullchain.pem</code> file. You can leave the Certificate chain field empty.
Save, and you are done. Your ELB is now serving HTTPS request by using the previously generated Let&#x27;s Encrypt certificate.
<h3>Renewal</h3>
Renewing this certificate is easy. Just run the command <code>letsencrypt renew</code> (or <code>certbot-auto renew</code>) in the same server used to create the certificate in the first place.
That will generate the new certificate in the same location, and you can repeat the previous step with it.
The main problem with Let&#x27;s Encrypt certificates is that they are valid for three months only. Auto renewal is a feature that they want to implement at some point, but it&#x27;s not available yet.
By the moment, the best solution for standalone servers is creating a cron job that automatically runs the <code>letsencrypt renew</code> command, but for an ELB that won&#x27;t fix the problem.
You will probably need to create some kind of script that automatically uploads the certificate to the ELB after being renewed, by using the AWS REST API or the CLI interface.
<a target="_blank" rel="noopener noreferrer" href="http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-update-ssl-cert.html#us-update-lb-SSLcert-cli">This documentation</a> should be helpful. Pay special attention to the To replace an SSL certificate with a certificate uploaded to IAM section.

Let's Encrypt is the latest internet trending. Its a relatively young Certification Authority which intends to provide free and automated SSL certificates so that everybody can set encryption to their sites and applications. It is a Linux Foundation project sponsored by most of the biggest Internet…

Setup a Let's Encrypt certificate in a AWS Elastic Load Balancer

The other day I was working on a Zend Expressive application I'm currently building. The application includes a REST API among other things, but it also has some endpoints which render HTML. In one of my tests of the REST API I saw that when an error occurs (404, 405 or 500), I was getting an HTML…