A Step-by-Step Guide on Installing Let's Encrypt SSL in Nginx
 |
| Nginx with Let's Encrypt |
Introduction
Securing your website with SSL (Secure Socket Layer) is no longer just an option but a necessity. Let's Encrypt, a free and open Certificate Authority, makes this process accessible to everyone. In this guide, we will walk you through the steps to install a Let's Encrypt SSL certificate on an Nginx web server.
Prerequisites:
Before we begin, make sure you have the following:
1. A running Nginx web server.
2. Root access or a user with sudo privileges.
3. A registered domain name pointing to your server's IP address.
Step 1: Install Certbot:
Certbot is a tool that simplifies the process of obtaining and renewing SSL certificates from Let's Encrypt.
On Ubuntu, use:
sudo apt update
sudo apt install certbot
On CentOS, use:
sudo yum install certbot
Step 2: Obtain and Install SSL Certificate:
Run the following command to obtain and install the SSL certificate for your domain:
sudo certbot --nginx
Certbot will prompt you to enter your email address and agree to the terms of service. Additionally, you'll be asked if you want to redirect HTTP traffic to HTTPS – choose your preferred option.
Certbot will automatically configure Nginx to use the obtained SSL certificate, and your site will now be served over HTTPS.
Step 3: Verify SSL Configuration:
Visit your website using `https://yourdomain.com` in a web browser. Ensure that the connection is secure and the SSL certificate is valid.
Step 4: Automatic Renewal Setup:
Let's Encrypt certificates are valid for 90 days, so it's important to set up automatic renewal. Certbot makes this process straightforward.
Open the crontab configuration:
sudo crontab -e
Add the following line to run the renewal process twice a day:
0 */12 * * * certbot renew
Save and exit the editor. This cron job checks for expiring certificates every 12 hours and renews them if necessary.
Step 5: Test the Renewal Process (Optional):
To ensure automatic renewal is working correctly, run the following command:
sudo certbot renew --dry-run
If the dry run is successful, your automatic renewal is configured correctly.
Conclusion:
Congratulations! You've successfully installed a Let's Encrypt SSL certificate on your Nginx web server, ensuring secure and encrypted communication between your users and your site. Regularly check for certificate renewals and enjoy the benefits of a safer browsing experience for your visitors.
Contact Us - info@getcloud.in