How to install NGINX with LetsEncrypt SSL in Ubuntu?

How to install NGINX with LetsEncrypt SSL in Ubuntu?

November 9, 2017 0 By Nitikesh Pattanayak

Introduction

Let’s Encrypt is a Certificate Authority (CA) that gives a simple approach to get and introduce free TLS/SSL testaments, in this manner empowering scrambled HTTPS on web servers. It disentangles the procedure by giving a product customer, Certbot, that endeavors to mechanize most (if not all) of the required advances. Right now, the whole procedure of acquiring and introducing an authentication is completely computerized on both Apache and Nginx.

In this instructional exercise, you will utilize Certbot to acquire a free SSL testament for Nginx on Ubuntu 16.04 and set up your authentication to reestablish naturally.

Step 1: (Installing CertBOT in Ubuntu)

sudo add-apt-repository ppa:certbot/certbot

#[Enter] To Accept

sudo apt-get update

sudo apt-get install python-certbot-nginx

Now CertBOT has been successfully installed. Now you have to change the configuration in nginx and change the Domain Names.

Step 2: (Setting Up NGINX)

sudo nano /etc/nginx/sites-available/default

Find the existing server_name line and replace the underscore, _, with your domain name:

server_name yourdomain.com www.yourdomain.com; #Now type CTRL + X and ENTER. Then, verify the syntax of your configuration edits. sudo nginx -t #If there is some errors please check Journalese -xe for error info and correct it. #Then Restart nginx sudo systemctl reload nginx

By default the Firewall is turned off/Inactive. (So let it be for now)

Step 3: (Obtaining Certificate)

Now we will generate the certificates for the Domain Names:

sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

[Press Enter]

Now your certificates has been successfully generated.

For checking your domain got SSL enabled visit the below directory.

sudo nano /etc/nginx/sites-available/default

and check if SSL 443 port is active, If not then please add the below code into the file.

server {

listen 443 ssl default_server;
listen [::]:443 ssl default_server;
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomaincom/privkey.pem;

root /var/www/html; #Default Running Page

}

server {
 listen 80;
 listen [::]:80;
 server_name predebug.com www.predebug.com;
 return 301 https://$host$request_uri; #For redirecting to https always
 index index.html;

}

Congratulation!!! You have successfully configured your SSL Certificate.