How to secure NGINX (SSL Certificate) with let’s Encryption by Certbot client on Ububtu 16.04 / 18.04 LTS / 19.10 / 20.04 LTS
This tutorial will assist you how to set up a TLS/SSL certificate from Let’s Encrypt on an Ubuntu server running nginx as a web server.
First logged into your remote system via ssh.
ssh root@server_ip_addressLet’s begin by updating server’s package index
sudo apt-get updateNow install certbot & other dependent packages. Certbot is a command line client for Let’s Encrypt. python-certbot-nginx is Certbot’s Nginx package with apt-get.
sudo apt-get install certbot python-certbot-nginxAfter installation check your certbot version.
certbot --versionLet’s start registration process for certificate. Run below command-
sudo certbot certonly --nginxIn above command as we put — nginx, certonly will look into sites-available directory & will find out domain(s) itself.
Then it’ll ask for an email address for renewal or security issues.
Select the domain, you would like to activate HTTPS for.
Then your domain will be registered for a time period as follows-
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/your_domain.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/your_domain.com/privkey.pem
Your cert will expire on 2020-10-22. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-leNow run the below command to bring the certificate in your sites-available. This command will modify the config file with certbot SSL itself.
sudo certbot install --nginxCheck your configuration file now
nano cd /etc/nginx/sites-available/configuration_fileLet’s Encrypt’s certificates are only valid for ninety days (90 days).
Have fun 🔥 💪
If you have any query, please put in below. Find me on Github.
