How to Secure Nginx with Let's Encrypt on Ubuntu ⋆ ALexHost SRL

Test your skills on our all Hosting services and get 15% off!

Use code at checkout:

Skills
01.11.2024

How to Secure Nginx with Let’s Encrypt on Ubuntu

Securing your Nginx server with an SSL certificate is essential for protecting data transmitted over the internet. Let’s Encrypt provides free SSL certificates that can be easily implemented to enable HTTPS. This guide will walk you through the process of securing Nginx with Let’s Encrypt on Ubuntu 18.04 or Ubuntu 20.04.

1. Prerequisites

Before starting, ensure you have the following:

  • A server running Ubuntu 18.04 or 20.04.
  • Nginx installed and configured to serve your website.
  • A registered domain name pointing to your server’s IP address.
  • Access to the terminal with sudo privileges.

2. Installing Certbot

Certbot is a tool that automates the process of obtaining and installing Let’s Encrypt SSL certificates.

Step 1: Update Package Lists

Open the terminal and run the following command to update your package lists:

sudo apt update

Step 2: Install Certbot and Nginx Plugin

Install Certbot along with the Nginx plugin:

sudo apt install certbot python3-certbot-nginx

3. Obtaining an SSL Certificate

Once Certbot is installed, you can obtain your SSL certificate using the following steps.

Step 1: Run Certbot

Run Certbot with the Nginx plugin:

sudo certbot –nginx

Step 2: Follow the Prompts

  1. Enter Your Email Address: Certbot will ask for your email address for renewal notifications and terms of service agreement.
  2. Select Domains: Certbot will automatically detect your Nginx configuration and prompt you to select the domains you want to secure.
  3. Automatic Redirect: You will be asked if you want to redirect HTTP traffic to HTTPS. It’s recommended to select this option for better security.

Certbot will then obtain the SSL certificate and automatically configure Nginx to use it.

4. Verifying SSL Installation

After the process is complete, you can verify that the SSL certificate is correctly installed:

  1. Check Your Website: Open your web browser and navigate to your domain using https://. You should see a padlock icon in the address bar, indicating a secure connection.
  2. Use Online Tools: Websites like SSL Labs can provide a detailed analysis of your SSL configuration.

5. Setting Up Automatic Renewal

Let’s Encrypt certificates are valid for 90 days, but you can set up automatic renewal with Certbot.

Step 1: Test Automatic Renewal

Run the following command to simulate the renewal process:

sudo certbot renew –dry-run

If the test is successful, Certbot will automatically create a cron job to renew your certificates.

6. Conclusion

Securing your Nginx server with a Let’s Encrypt SSL certificate on Ubuntu 18.04 or 20.04 is straightforward and can greatly enhance the security of your website. By following this guide, you can easily set up HTTPS, ensuring that data transmitted between your server and users is encrypted and secure.

Test your skills on our all Hosting services and get 15% off!

Use code at checkout:

Skills