DEV Community

Ersin KOÇ
Ersin KOÇ

Posted on

How to Install Let’s Encrypt SSL Certificate with Nginx on Ubuntu 22.04

Prerequisites

Before you begin, ensure you have:

  • An NVMe VPS from EcoStack Cloud running Ubuntu 22.04.
  • Nginx installed and running.
  • A domain name pointed to your server’s IP address.
  • Sudo privileges on your server.

Step 1: Install Certbot and Nginx Plugin

Certbot is a tool to automate the installation of Let’s Encrypt SSL certificates. Install Certbot and its Nginx plugin using the following commands:

sudo apt update
sudo apt install certbot python3-certbot-nginx -y
Enter fullscreen mode Exit fullscreen mode

Step 2: Verify Nginx Configuration

Ensure that Nginx is correctly installed and running. You can check the status of Nginx with:

sudo systemctl status nginx
Enter fullscreen mode Exit fullscreen mode

Make sure that your domain is properly configured in Nginx. If not, you can create or modify your site configuration in /etc/nginx/sites-available/.

For example, you can create a basic configuration file:

sudo nano /etc/nginx/sites-available/your_domain
Enter fullscreen mode Exit fullscreen mode

Replace your_domain with your actual domain name and add the following configuration:

server {
    listen 80;
    server_name your_domain www.your_domain;

    root /var/www/your_domain;
    index index.html index.htm index.nginx-debian.html;

    location / {
        try_files $uri $uri/ =404;
    }
}
Enter fullscreen mode Exit fullscreen mode

Create a symbolic link to enable the site:

sudo ln -s /etc/nginx/sites-available/your_domain /etc/nginx/sites-enabled/
Enter fullscreen mode Exit fullscreen mode

Test the configuration to make sure there are no syntax errors:

sudo nginx -t
Enter fullscreen mode Exit fullscreen mode

Then reload Nginx to apply the changes:

sudo systemctl reload nginx
Enter fullscreen mode Exit fullscreen mode

Step 3: Obtain an SSL Certificate

Use Certbot to obtain an SSL certificate for your domain. Certbot will automatically update your Nginx configuration to use the SSL certificate.

sudo certbot --nginx -d your_domain -d www.your_domain
Enter fullscreen mode Exit fullscreen mode

Replace your_domain with your actual domain name. Follow the prompts to complete the setup.

During this process, Certbot will:

  • Verify your domain.
  • Download and install the SSL certificate.
  • Configure Nginx to use the certificate.
  • Reload Nginx to apply the changes.

Step 4: Verify SSL Installation

Once the installation is complete, you can verify the SSL certificate by visiting your domain in a web browser. Use https://your_domain to ensure that the SSL certificate is active and the connection is secure.

You can also use SSL Labs' SSL Test tool to check the certificate’s details and security grade.

Step 5: Set Up Auto-Renewal

Let’s Encrypt certificates are valid for 90 days. To ensure that your certificate is automatically renewed, Certbot creates a cron job to handle this.

You can test the auto-renewal process with:

sudo certbot renew --dry-run
Enter fullscreen mode Exit fullscreen mode

This command simulates the renewal process without making any actual changes. If there are no errors, the auto-renewal is set up correctly.

Conclusion

You have successfully installed a Let’s Encrypt SSL certificate with Nginx on Ubuntu 22.04, provided by EcoStack Cloud. Your website is now secured with HTTPS, ensuring encrypted communication and enhanced trust with your visitors.

For further information and advanced configurations, refer to the official Certbot documentation and Nginx documentation.

Top comments (0)