How to Add SSL to Your Website Using Let's Encrypt on Ubuntu and Nginx

How to Add SSL to Your Website Using Let's Encrypt on Ubuntu and Nginx

If you're running a website, it's important to make sure that your visitors' data is secure. One way to do this is by adding SSL encryption to your website.

What is SSL?

SSL (Secure Sockets Layer) is a protocol that encrypts data as it's transmitted over the internet, making it much harder for hackers to intercept and read.

Fortunately, adding SSL to your website has become much easier in recent years thanks to Let's Encrypt.  

What is Let's Encrypt?

Let's Encrypt is a free, automated, and open certificate authority (CA) that provides SSL certificates to website owners.

In this tutorial, we'll walk you through the steps to add SSL to your website using Let's Encrypt on an Ubuntu server running Nginx.

Also read, How To Create And Move Configuration File In Nginx: Step-By-Step Guide

Assumptions:

  1. You have an Ubuntu server running Nginx.
  2. You have a domain name registered and pointing to your server's IP address.
  3. You have root access to your server.

Step 1: Install Certbot

Certbot is a tool that automates the process of obtaining and installing SSL certificates from Let's Encrypt. To install Certbot, run the following commands:

sudo apt-get update
sudo apt-get install certbot python3-certbot-nginx

Step 2: Obtain an SSL Certificate

To obtain an SSL certificate for your main domain, run the following command:

sudo certbot --nginx -d example.com -d www.example.com

Replace example.com with your actual domain name. The -d option specifies the domain names you want to include in the certificate. In this example, we've included both the main domain and the www subdomain.

If this is the first time you've run Certbot, you'll be prompted to enter your email address and agree to the terms of service. Once you've done that, Certbot will automatically configure Nginx to use the SSL certificate.

Step 3: Verify SSL

After the certificate is installed, you can verify that SSL is working by visiting your website with https:// in the URL. If everything is working correctly, you should see a green padlock icon in your browser's address bar.

Step 4: Add SSL to Subdomains

To add SSL to a subdomain, run the same Certbot command as before, but replace example.com with your subdomain:

sudo certbot --nginx -d subdomain.example.com

This will generate a new SSL certificate for the subdomain and configure Nginx to use it.

Step 5: Automate Renewals

SSL certificates from Let's Encrypt are only valid for 90 days. To ensure that your website stays secure, you'll need to renew your certificate periodically.

Fortunately, Certbot includes a renewal script that can be run automatically.

To set up automatic renewals, run the following command:

sudo certbot renew --dry-run

This will simulate a certificate renewal and test that everything is working correctly. If everything looks good, you can add a cron job to run this command twice a day:

sudo crontab -e

Add the following line to the crontab file:

0 */12 * * * certbot renew --quiet

This will run Certbot's renewal script every 12 hours.

Also read, 10 Best Practices For Optimizing NGINX Configuration

Conclusion

In this tutorial, we've walked you through the steps to add SSL to your website using Let's Encrypt on an Ubuntu server running Nginx.

By encrypting your website's data, you can help protect your visitors' privacy and security. With Let's Encrypt, it's easier than ever to add SSL to your website for free.

Subscribe to our Newsletter

Stay up to date! Get all the latest posts delivered straight to your inbox.

If You Appreciate What We Do Here On TutsCoder, You Should Consider:

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

Support Us

We are thankful for your never ending support.

Leave a Comment