To install Let’s Encrypt and setup free SSL/TLS certificates Ubuntu nginx, Open your terminal window, type sudo apt install certbot Python3-certbot-nginx to install Letsencrypt and type sudo certbot --nginx -d example.com -d www.example command to set up SSL/TLS certificate.
Let’s Encrypt is a certificate authority (CA) that provides an accessible way to obtain and install free TLS/SSL certificates, enabling encrypted HTTPS on web servers. It simplifies the process by providing a software client, Certbot, which attempts to automate most (if not all) of the necessary steps.
How to Install Let’s Encrypt & Certbot on Ubuntu 22.04 Nginx
Here are some steps to install and configure let’s Encrypt SSL certificate & certbot on ubuntu 22.04 Nginx using terminal or command line:
Step 1 – Update System Packages
To update the system’s packages, you need to use the sudo apt update command on a terminal window:
sudo apt update
Step 2 – Install Let’s Encrypt Certbot Ubuntu Nginx
To install Let’s Encrypt with Nginx on Ubuntu 22.04, simply type sudo apt install certbot python3-certbot-nginx command on the terminal window and press Enter, it will install it:
sudo apt install certbot python3-certbot-nginx
Step 3 – Verify Nginx Configuration on Server
Before installing Letsencrypt, you need to verify the nginx configuration in sites-available file, Open this file using sudo nano /etc/nginx/sites-available/example.com on terminal window:
sudo nano /etc/nginx/sites-available/example.com
Then, locate the server_name directive and make sure it is set to your domain name. As you want to include the domain name with and without the www. prefix, the line should look similar to the one below:
server_name example.com www.example.com
Step 4 – Allowing HTTPS Through the Firewall
To enable HTTPs request on ubuntu nginx server using firewall, use following commands on terminal window and allow firewall services for https:
sudo ufw status
To additionally let in HTTPS traffic, allow the Nginx Full profile and delete the redundant Nginx HTTP profile allowance:
sudo ufw allow 'Nginx Full' sudo ufw delete allow 'Nginx HTTP'
Step 5 – Get New Let’s Encrypt SSL/TLS Certificate
To setup free let’s encryption SSL/TLS certificate with nginx on Ubuntu, simply type sudo certbot --nginx -d example.com -d www.example.com command on a terminal windows:
sudo certbot --nginx -d example.com -d www.example.com
If this is the first time running, will be prompted to enter an email address and agree to the terms of service. After doing so, certbot will communicate with the Let’s Encrypt server, then run a challenge to verify that you control the domain you’re requesting a certificate for.
Step 6 – Enable Automatic Certificate Renewal
Since Let’s Encrypt certificates expire every 90 days, Nginx recommends setting up an automatic renewal using cron job, Open again your terminal window and simply type sudo systemctl status snap.certbot.renew.service command into it to create automatic renewal let’s encrypt the certificate for Nginx on ubuntu 22.04:
sudo systemctl status snap.certbot.renew.service
To test the renewal process, Use the dry command with certbot:
sudo certbot renew --dry-run
Conclusion
Through this tutorial, we have learned how to install and configure certbot to obtain a free SSL certificate for Nginx on Ubuntu 22.04 and set up your certificate to renew automatically.
