Nginx Letsencrypt Setup Guide

Nginx Letsencrypt Setup Guide Using Certbot: Free SSL Certificate

In this guide, I have explained the steps required to setup Letsencrypt SSL certificates for websites running on an Nginx web server using Certbot utility.

Prerequisites:

  1. A working website running on Nginx which is accessible over a valid domain name.
  2. The server should be able to server traffic on 443 port. Make sure you have allowed port 443 on your firewall rules.

Note: This setup is done on a Ubuntu 18.04 server. You can use this guide on Amazon ec2, GCP , Digital Ocean or any other cloud VM’s.

Nginx Letsencrypt Setup Guide

Key Steps Involved in Nginx Letsencrypt Configuration are as follows

  1. Install and Configure Certbot
  2. Generate Nginx SSL configuration files Using Certbot
  3. Verify certbot certificates
  4. Letsencrypt Autorenewal Setup Using Certbot

Lets get started with the setup.

Step 1: Update the server

Install and Configure Certbot

Step 2: Install Certbot utilities

Generate Nginx SSL configuration files using Certbot.

The beauty of certbot is that you dont have to manually create or generate the private keys and other Nginx configurations required for SSL certificates. It automagically creates it for you.

Step 1: Execute the following certbot command to generate the SSL certificates and Nginx configurations.

You will be promted for the following information.

  1. You site admin email address
  2. Terms of Service agreement.
  3. List of domains you need HTTPS for. Certbot will automatically detect this information from the Nginx conf files.
  4. HTTP to HTTPS redirection confirmation (it is better to redirect)

You Might Like: Setup Free SSL (https) for WordPress Website using Cloudflare

Step 2: Open your nginx.conf and verify the SSL configurations. You should see a configuration like below autogenerated by certbot. Now you will be able to access your site over https.

Step 3: Now, head over to https://www.ssllabs.com/ssltest/analyze.html and enter the domain name that you configured for Letsencrypt. It will show your SSL grade as shown below.

Letsencrypt Nginx SSL verification and testing.

Verify Certbot Certificates

You can verify the generated SSl certificates using certbot command.

Execute the following command to view the existing certificates on you server.

Letsencrypt Autorenewal Setup Using Certbot

Letsencrypt certificates expires every three months. So it is very important that you have a mechanism to auto renew the certificates every three months.

Certbot will do this job for you. It adds a Linux cron task automatically.

You can check the certbot cron using the following command.

If you want to know how the certificate renewal works, you can run the renew command using a dry run. It will just simulate the process.

Related

wordpress cloud hosting tutorial for beginners

When it comes to WordPress¬†hosting, most bloggers and hosting review sites will recommend¬†shared hosting and managed…

Read more
SetUp High-Performance WordPress on Cloud/VPS

High-Performance Wordpress is a must have for bloggers who have substantial income from their blogs.. People who…

Read more
key factors for cloud web hosting

To Run a successful website, blog or business, it is really important to have a reliable web hosting provider.…

Read more
About

Cloud Computing Tutorial Blog