Test your skills on our all Hosting services and get 15% off!

Use code at checkout:

Skills
30.10.2024

How to set up an SSL certificate in Nginx

An SSL certificate is crucial to protect the communication between your web server and users. By using SSL, you ensure that data is encrypted and that your site is trustworthy. In this article, we’ll help you set up an SSL certificate on Nginx, one of the most popular web servers.

Step 1: Install Certbot

Certbot is a free, automated tool used to obtain and install SSL certificates from Let’s Encrypt. To install Certbot on your server, follow these commands:

  1. Update the package list:
    sudo apt update
  2. Install Certbot:
    sudo apt install certbot python3-certbot-nginx

Step 2: Obtain the SSL certificate

Once Certbot is installed, you can request an SSL certificate by running the following command:

sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

Certbot will automatically configure the SSL certificate for your domain. Follow the on-screen instructions to complete the setup.

Step 3: Configure Nginx for SSL

Certbot will automatically modify the Nginx configuration to use SSL. However, if you need to configure it manually, follow these steps:

  1. Open the Nginx configuration file for your site:
    sudo nano /etc/nginx/sites-available/default
  2. Update the configuration to use SSL:
    server { listen 443 ssl; server_name yourdomain.com www.yourdomain.com; ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem; # Additional settings... }
  3. Save the file and exit the editor.

Step 4: Test and restart Nginx

After configuring SSL, test the Nginx configuration for errors:

sudo nginx -t

If no errors are found, restart Nginx to apply the changes:

sudo systemctl restart nginx

Step 5: Set up automatic SSL certificate renewal

Let’s Encrypt certificates are valid for 90 days, so it’s important to set up automatic renewal to avoid expiration. Certbot automatically creates a cron job to renew the certificate, but you can test the renewal process manually:

sudo certbot renew --dry-run

This command will simulate a renewal to make sure everything is working properly.

Conclusion

Setting up an SSL certificate in Nginx is an important step to protect your website. With Certbot and Let’s Encrypt, you can easily obtain and manage free SSL certificates, ensuring that your users’ data is protected through encryption.

Test your skills on our all Hosting services and get 15% off!

Use code at checkout:

Skills