As a best practice, you should enable HTTPS on all your websites. An affordable way to do this is by installing letsencrypt certificates in the macOS server.app. This is an automated procedure run from the commandline. And to make this easyer for our customers, we have created a script that takes away a few of the manual steps.
The base requirements of this script are that your websites are created in the default 'vanilla' way. For instance, you create new site called www.mynewsite.com in the server.app, and have it hosted from the default webroot /Library/Server/Web/Data/Sites/www.mynewsite.com/. And it is publicly accessible from the internet. If this is a staging site you will need to modify your servers hosts file to make this process work.
Another requirement is that Certbot is allready installed. To do this follow these steps:
Install Brew if necessary.
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
Install Certbot
brew install certbot
Now certbot is installed we can download and run the script.
Download the script attached to this article, and make it executable on your machine by running:
chmod +x letsencryptauto.sh
once executable you can run it with the folowing command:
sh letsencryptauto.sh www.mynewsite.com
Please note that it requires to be run without sudo or root permissions. It contains subcommands that do require sudo, and will prompt for elevation at that point.
When the script is successfully executed a certificate will appear in the 'Certificates' section in the server.app. You can then associate this certificate with your website in the 'Websites' section