Configure Let's Encrypt + Nginx in Ubuntu

jpblancodb

JPBlancoDB

Posted on November 7, 2019

Configure Let's Encrypt + Nginx in Ubuntu

Step-by-step guide to install Let's Encrypt certificate

Translated into: Español

First, let's briefly define what Let's Encrypt is for by quoting them.

Let’s Encrypt is a free, automated, and open Certificate Authority.

In summary, with Let's Encrypt we obtain a secure domain certificate (SSL) for our site and for free.

Steps:

  1. Install Certbot in the server:
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-nginx
  1. We need to modify nginx file (we are going to use the default file for simplicity):
sudo nano /etc/nginx/sites-available/default

Search and replace the line that contains server_name with:

server_name domain.com www.domain.com;

Verify nginx configuration is correct:

sudo nginx -t
  1. Restart Nginx:
sudo systemctl reload nginx
  1. Installing the certificate:
sudo certbot --nginx -d domain.com -d www.domain.com
sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
sudo nano /etc/nginx/sites-available/default

Add in the server section:

ssl_dhparam /etc/ssl/certs/dhparam.pem;

Let's verify again that our configuration is correct:

sudo nginx -t

Restart Nginx:

sudo systemctl reload nginx
  1. Finally, we need to automatically renew our certificate because it expires every 90 days:
sudo crontab -e

and add:

15 3 \* \* \* /usr/bin/certbot renew –quiet

Done! We have our domain secure with SSL.

Lastly, we could verify the state of our certificates with certbot by executing this command:

certbot certificates

I hope this is helpful! If you have any doubts you could contact me via Twitter or by adding a comment :)

Translated into Español
💖 💪 🙅 🚩
jpblancodb
JPBlancoDB

Posted on November 7, 2019

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related