Configure Let's Encrypt + Nginx in Ubuntu

Step-by-step guide to install Let's Encrypt certificate

Translated into: Español

First, let's briefly define what Let's Encrypt is for by quoting them.

Let’s Encrypt is a free, automated, and open Certificate Authority.

In summary, with Let's Encrypt we obtain a secure domain certificate (SSL) for our site and for free.

Steps:

1. Install Certbot in the server:

sudo add-apt-repository ppa:certbot/certbot sudo apt-get update sudo apt-get install python-certbot-nginx 

1. We need to modify nginx file (we are going to use the default file for simplicity):

sudo nano /etc/nginx/sites-available/default 

Search and replace the line that contains server_name with:

server_name domain.com www.domain.com; 

Verify nginx configuration is correct:

sudo nginx -t 

1. Restart Nginx:

sudo systemctl reload nginx 

1. Installing the certificate:

sudo certbot --nginx -d domain.com -d www.domain.com sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048 sudo nano /etc/nginx/sites-available/default 

Add in the server section:

ssl_dhparam /etc/ssl/certs/dhparam.pem; 

Let's verify again that our configuration is correct:

sudo nginx -t 

Restart Nginx:

sudo systemctl reload nginx 

1. Finally, we need to automatically renew our certificate because it expires every 90 days:

sudo crontab -e 

and add:

15 3 \* \* \* /usr/bin/certbot renew –quiet 

Done! We have our domain secure with SSL.

Lastly, we could verify the state of our certificates with certbot by executing this command:

certbot certificates 

I hope this is helpful! If you have any doubts you could contact me via Twitter or by adding a comment :)

Translated into Español

Configurando LetsEncrypt con Nginx en Ubuntu

JPBlancoDB ・ Nov 7 '19 ・ 2 min read

#letsencrypt #nginx #linux #servers