How to Obtain and Integrate Free SSL Certificates with Nginx Using Let’s Encrypt
Securing your website with SSL (Secure Sockets Layer) certificates is crucial for protecting sensitive information and building trust with your users. Let’s Encrypt offers free SSL certificates, and integrating them with Nginx is straightforward. Follow these steps to secure your website with SSL:
Step 1: Install Let’s Encrypt Tools
First, ensure your system is up to date:
| sudo apt-get update |
Then, install the Let’s Encrypt Certbot tool:
| sudo apt-get install certbot python3-certbot-nginx |
Step 2: Configure Nginx
Navigate to the Nginx configuration directory:
| cd /etc/nginx/con.d/ |
Create or edit your site’s configuration file:
| sudo nano myweb.com.conf |
Add the following Nginx configuration:
| server { listen 80; listen [::]:80; server_name myweb.com www.myweb.com; root /var/www/myweb.com; # Additional Nginx configuration… } |
Test the Nginx configuration:
| sudo nginx -t |
Step 3: Stop Nginx
Before generating the SSL certificate, stop Nginx:
| sudo systemctl stop nginx |
Step 4: Generate SSL Certificates
Generate the SSL certificate and key for your domain:
Note: before run these command you must add this server IP into into the domain manager A Records across to the domain
| sudo certbot certonly –standalone -d myweb.com sudo certbot certonly –standalone -d www.myweb.com |
Step 5: Update Nginx Configuration with SSL
Edit your Nginx configuration file to include SSL certificate paths:
| server { listen 80; listen [::]:80; server_name myweb.com www.myweb.com; root /var/www/myweb.com; listen 443 ssl; # SSL configuration ssl_certificate /etc/letsencrypt/live/myweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/myweb.com/privkey.pem; include /etc/letsencrypt/options-ssl-nginx.conf; ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # Redirect non-https traffic to https if ($scheme != “https”) { return 301 https://$host$request_uri; } # Additional Nginx configuration… } |
Step 6: Restart Nginx
Test the Nginx configuration and restart Nginx:
| sudo nginx -t |
If get ok message then start the nginx server
| sudo systemctl start nginx |
Step 7: Automate Certificate Renewal
Set up a cron job to automatically renew the SSL certificate:
| sudo crontab -e |
Add the following cron job to run the renewal command daily:
| 0 12 * * * /usr/bin/certbot renew –pre-hook “service nginx stop” –post-hook “service nginx start” –quiet |
With these steps, your website is now secured with free SSL certificates from Let’s Encrypt, ensuring encrypted communication between your server and your visitors’ browsers. Regular certificate renewal guarantees continuous protection for your website.
Thank you for the auspicious writeup. It in fact was a amusement account it. Look advanced to far added agreeable from you! However, how could we communicate?
Great blog here! Also your website loads up very fast! What host are you using? Can I get your affiliate link to your host? I wish my website loaded up as quickly as yours lol