DEV Community

Cover image for Secure Your Applications with SSL: Installing SSL Certificates for Multiple Server Blocks on Ubuntu with Nginx
Paschal Kenechukwu Oruche
Paschal Kenechukwu Oruche

Posted on • Edited on

Secure Your Applications with SSL: Installing SSL Certificates for Multiple Server Blocks on Ubuntu with Nginx

Using SSL (Secure Sockets Layer) certificates to secure your web apps/services is essential in the modern digital environment to safeguard sensitive data and maintain user confidence. This article will walk you through the process of installing SSL certificates for each application using distinct server blocks if you're running numerous applications on an Ubuntu server configures with Nginx.

*System package updates
*

On Ubuntu computers, this is a recommended procedure.
Run the following commands to verify that your system is up to date:

sudo apt update
sudo apt upgrade
Enter fullscreen mode Exit fullscreen mode

*Configure the Certbot Nginx Plugin
*

Now, use the Certbot and the Nginx plugin to streamline the SSL certificate installation process. Use the following command to install the Certbot Nginx plugin:

sudo apt install python3-certbot-nginx

Certbot plugin

*Configure Nginx Server Blocks
*

Assuming you have already set up your server blocks for each application in the Nginx configuration directory (usually located at /etc/nginx/sites-available/), make sure you have the necessary server blocks for your applications. Each server block should define the server name, port, root directory, and other relevant configuration options.
PS: I've already done this; I may just churn out another article for this process

*Obtain SSL certificates
*

Let's use the Certbot Nginx plugin to get SSL certificates for each of your applications right away. Run the following command, substituting your real domain names for example.com:

sudo certbot --nginx -d example1.com -d www.example2.com

Enter Email to associate with ssl

Note: This command will automatically detect your Nginx server blocks and configure SSL certificates for each domain.

*Test to Obtain SSL Certificates Renewal of SSL Certificate
*

In order to guarantee that your SSL certificates are always current, Certbot offers an auto-renewal feature. Use the next command to test the renewal procedure:

sudo certbot renew --dry-run

Certbot dry run

Note: You must get a successful test renewal log like this to be sure the periodic renewal will work for you.

At this stage, you should receive a confirmation email from Certbot on the email address you specified for receiving updates for renewals and security notices.

Certbot confirmation Email

*Possible blockers:
*

You might get an error response when you try to obtain the certificates using certbot if you install using this command: sudo apt install certbot

Incomplete certbox installation

_Error response:
_Saving debug log to /var/log/letsencrypt/letsencrypt.log
The requested nginx plugin does not appear to be installed

To fix this, use the command on the step for configure the Certbot Nginx Plugin stated previously

Top comments (0)