Prerequisites
Before you begin, ensure you have:
- An NVMe VPS from EcoStack Cloud running Ubuntu 22.04.
- Nginx installed and running.
- A domain name pointed to your server’s IP address.
- Sudo privileges on your server.
Step 1: Install Certbot and Nginx Plugin
Certbot is a tool to automate the installation of Let’s Encrypt SSL certificates. Install Certbot and its Nginx plugin using the following commands:
sudo apt update
sudo apt install certbot python3-certbot-nginx -y
Step 2: Verify Nginx Configuration
Ensure that Nginx is correctly installed and running. You can check the status of Nginx with:
sudo systemctl status nginx
Make sure that your domain is properly configured in Nginx. If not, you can create or modify your site configuration in /etc/nginx/sites-available/
.
For example, you can create a basic configuration file:
sudo nano /etc/nginx/sites-available/your_domain
Replace your_domain
with your actual domain name and add the following configuration:
server {
listen 80;
server_name your_domain www.your_domain;
root /var/www/your_domain;
index index.html index.htm index.nginx-debian.html;
location / {
try_files $uri $uri/ =404;
}
}
Create a symbolic link to enable the site:
sudo ln -s /etc/nginx/sites-available/your_domain /etc/nginx/sites-enabled/
Test the configuration to make sure there are no syntax errors:
sudo nginx -t
Then reload Nginx to apply the changes:
sudo systemctl reload nginx
Step 3: Obtain an SSL Certificate
Use Certbot to obtain an SSL certificate for your domain. Certbot will automatically update your Nginx configuration to use the SSL certificate.
sudo certbot --nginx -d your_domain -d www.your_domain
Replace your_domain
with your actual domain name. Follow the prompts to complete the setup.
During this process, Certbot will:
- Verify your domain.
- Download and install the SSL certificate.
- Configure Nginx to use the certificate.
- Reload Nginx to apply the changes.
Step 4: Verify SSL Installation
Once the installation is complete, you can verify the SSL certificate by visiting your domain in a web browser. Use https://your_domain
to ensure that the SSL certificate is active and the connection is secure.
You can also use SSL Labs' SSL Test tool to check the certificate’s details and security grade.
Step 5: Set Up Auto-Renewal
Let’s Encrypt certificates are valid for 90 days. To ensure that your certificate is automatically renewed, Certbot creates a cron job to handle this.
You can test the auto-renewal process with:
sudo certbot renew --dry-run
This command simulates the renewal process without making any actual changes. If there are no errors, the auto-renewal is set up correctly.
Conclusion
You have successfully installed a Let’s Encrypt SSL certificate with Nginx on Ubuntu 22.04, provided by EcoStack Cloud. Your website is now secured with HTTPS, ensuring encrypted communication and enhanced trust with your visitors.
For further information and advanced configurations, refer to the official Certbot documentation and Nginx documentation.
Top comments (0)