How to Generate an SSL Certificate on Ubuntu with NGINX and Certbot
In today’s digital landscape, securing your website with HTTPS is no longer optional. It protects sensitive user data, improves SEO rankings, and builds trust with your audience. This guide will walk you through generating an SSL certificate on Ubuntu using NGINX and Certbot, a free and popular tool for obtaining SSL certificates.
Prerequisites
Before we begin, ensure you have the following:
- A server running Ubuntu: This guide uses Ubuntu 20.04, but it should work on other versions as well.
- NGINX installed and running: If NGINX is not installed, follow the NGINX installation guide to set it up.
- A domain name: Your domain should point to your server’s public IP address.
- Root or sudo user privileges: Certbot requires administrative access to install dependencies and configure NGINX.
Step 1: Update Your Server
To ensure everything works smoothly, update your system packages:
sudo apt update && sudo apt upgrade -y
This command updates the package lists and upgrades existing packages to their latest versions.
Step 2: Install Certbot and NGINX Plugin
Certbot is a tool provided by Let’s Encrypt for obtaining SSL certificates. Install Certbot and its NGINX plugin with the following commands:
sudo apt install certbot python3-certbot-nginx -y
This installs Certbot and ensures it can automatically configure NGINX for SSL.
Step 3: Configure NGINX
Before obtaining an SSL certificate, ensure that your domain is properly configured in NGINX. Create or edit your domain’s server block file:
sudo nano /etc/nginx/sites-available/example.com
Replace example.com with your domain name. Add the following basic configuration:
server {
listen 80;
server_name example.com www.example.com;
root /var/www/example.com/html;
index index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
}
Save the file and enable the configuration:
sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx
The nginx -t command checks for syntax errors, and the reload command applies the changes.
Step 4: Obtain an SSL Certificate with Certbot
Run Certbot to obtain and install the SSL certificate for your domain:
sudo certbot --nginx -d example.com -d www.example.com
Certbot will prompt you to:
- Confirm your email address.
- Agree to the terms of service.
- Choose whether to redirect HTTP to HTTPS (recommended).
Once complete, Certbot will automatically update your NGINX configuration to use the new SSL certificate.
Step 5: Verify SSL Installation
To ensure your SSL certificate is active, visit your website at https://example.com. Look for the padlock icon in the browser’s address bar.
Alternatively, you can use an online tool like SSL Labs to verify your SSL configuration.
Step 6: Set Up Automatic Renewal
Let’s Encrypt certificates are valid for 90 days, but Certbot can handle automatic renewals. By default, Certbot adds a cron job to renew certificates. You can manually test the renewal process with:
sudo certbot renew --dry-run
If no errors occur, automatic renewals are correctly configured.
Troubleshooting Tips
- Domain not pointing to the server: Ensure your domain’s DNS records point to your server’s IP address.
- NGINX not running: Restart NGINX using
sudo systemctl restart nginx. - Firewall blocking ports: Allow HTTP and HTTPS traffic with:
sudo ufw allow 'Nginx Full'
Why Use Certbot for SSL Certificates?
Certbot simplifies the process of obtaining and renewing SSL certificates. It’s free, widely supported, and integrates seamlessly with NGINX.
For more information, visit the official Certbot documentation.
Conclusion
Securing your website with HTTPS is crucial for modern web development. By following this guide, you’ve successfully installed an SSL certificate on Ubuntu using NGINX and Certbot. Your website is now more secure and trusted by users and search engines alike.
If you found this guide helpful, check out more WordPress and web development tutorials on WP Cave. Happy coding!
One thought on “How to Generate an SSL Certificate on Ubuntu with NGINX Using Certbot”
Great website. Lots of useful information here. I’m sending it to some buddies ans also sharing in delicious. And of course, thanks on your effort!