How to Setup Let's Encrypt With Nginx on an Ubuntu 18.04 VPS or Dedicated Server

How to Setup Let's Encrypt With Nginx on an Ubuntu 18.04 VPS or Dedicated Server

Let’s encrypt SSL/TLS is free automated technology offered by Internet Security Research Group (ISRG). Transport Layer Security (TLS) and SSL (Secure Sockets Layer)  is a technology that encrypts sensitive information as it travels across the internet.

If you handle a lot of private information on your website, SSL/TLS will be essential to provide the privacy and data integrity from your customers’ information.

SSL is also one of those essential website features that provide trust to your customers by letting them know that their connection to your website is secured. In this guide, we will focus on setting up let’s encrypt SSL/TLS certificate with Nginx on an Ubuntu 18.04 server.

Prerequisites

  • A VPS plan running Ubuntu 18.04 Operating system (read our VPS hosting review here)
  • Nginx web server
  • A non-root user with sudo privileges
  • A domain name(e.g. www.example.com)

Step 1:
Installing Certbot

Certbot is an automated tool that obtains Let’s Encrypt certificates to enable HTTPS on your server. Before, we install on the Ubuntu 18.04 server, we need to add the repository first using the command below:

$ sudo add-apt-repository ppa:certbot/certbot

Press Enter to continue when prompted to do so.

Next, you need to update the package list so that it can pick up the updated repository information:

$ sudo apt-get update

Once the update is completed, you can now comfortably install Certbot on your Ubuntu 18.04 server using the command below:

$ sudo apt-get install python-certbot-nginx

Press Y and hit Enter when prompted to confirm the installation .

Step 2:
Editing Nginx website configuration file

In an Ngnix environment, the configuration files of your websites are located on the directory ‘/etc/nginx/sites-available/’

This is where Certbot looks to automatically configure an SSL certificate for your website. The tool need to find the right server block with the right ‘server_name’ directive that matches your domain name.

If you are hosting multiple websites, you need to edit the correct configuration file. However, for a single site, you can edit the default configuration file using nano text editor using the command below:

$ sudo apt-get install python-certbot-nginx

for the directive ‘server_name’ and overwrite the underscore (_) value with your domain name. For instance if your domain name is ‘example.com’, the line should look as follows:

...
$ server_name example.com www.example.com;
...

Press CTRL + X, Y and hit Enter to save the changes to the file.

To avoid running Certbot with errors on your configuration file, you should run the command below first:

$ sudo nginx -t

If the syntax of your website configuration file is okay, you will get the output ‘test is successful’

Reload Nginx for the configuration to take effect:

$ sudo systemctl reload nginx

Step 3:
Run Certbot to retrieve SSL certificate

With these settings in place, we can run Certbot to obtain our SSL certificate.

Use the below syntax:

$ sudo certbot --nginx -d example.com -d www.example.com

Remember to replace ‘example.com’ with the actual domain name of your website

You will be prompted to enter an email address for urgent renewal of the certificates when running the command for the first time.

Next, enter ‘A’ and hit Enter to agree to the terms.

On the next step, enter ‘Y’ and hit Enter to share your email address with Electronic Frontier Foundation. This is optional, you may enter ‘N’ if you don’t want to share your personal email address with them

Finally, Certbot will obtain an SSL certificate for your domain and you will get a congratulations message.

Step 4:
Test the installation

Up to this point, your website can be served via the HTTPS protocol. You can enter your website address as shown below to verify the changes

$ https://www.example.com

Remember to allow Ngnix on the HTTPS port if you are using a firewall e.g. UFW by running the command below:

$ sudo ufw allow 'Nginx Full'

Also, you can test if the renewal of your SSL certificate is working, by running the command below:

$ sudo certbot renew --dry-run

Conclusion

You have just learnt how to install Let’s Encrypt SSL/TLS certificate on your Ubuntu 18.04 VPS running Ngnix as a web server. You can now rest assured that sensitive data is secured as it travels from your visitors’ browsers to your server for added security.

 

Check out these top 3 Dedicated server hosting services:

Hostinger
£2.28 /mo
Starting price
Visit Hostinger
Rating based on expert review
  • User Friendly
    4.7
  • Support
    4.7
  • Features
    4.8
  • Reliability
    4.8
  • Pricing
    4.7
IONOS
£0.76 /mo
Starting price
Visit IONOS
Rating based on expert review
  • User Friendly
    4.5
  • Support
    4.0
  • Features
    4.5
  • Reliability
    4.5
  • Pricing
    4.3
Ultahost
£1.91 /mo
Starting price
Visit Ultahost
Rating based on expert review
  • User Friendly
    4.3
  • Support
    4.8
  • Features
    4.5
  • Reliability
    4.0
  • Pricing
    4.8
  • Do you need the best VPS? Read about our different offers.

How to Install a Let’s Encrypt Certificate on your Ubuntu 18.04 Dedicated Server or VPS

If you are hosting your website on a VPS server running Ubuntu 18.04, we will sh
less than a minute
Michael Levanduski
Michael Levanduski
Expert Hosting Writer & Tester

How to Change Your SSH Port from the Default Port

Follow our step-by-step guide to change your SSH default port to a more secure o
less than a minute
Idan Cohen
Idan Cohen
Marketing Expert

How to Enable Two-Factor Authentication on an Ubuntu 18.04 VPS or Dedicated Server

This guide will show you how you enable two-factor authentication to improve the
less than a minute
Max Ostryzhko
Max Ostryzhko
Senior Web Developer, HostAdvice CTO

How to Install and Configure Linux Malware Detect on CentOS 7

This tutorial will help you install and configure Linux Malware Detect (LMD) on
less than a minute
Eliran Ouzan
Eliran Ouzan
Web Designer & Hosting Expert
HostAdvice.com provides professional web hosting reviews fully independent of any other entity. Our reviews are unbiased, honest, and apply the same evaluation standards to all those reviewed. While monetary compensation is received from a few of the companies listed on this site, compensation of services and products have no influence on the direction or conclusions of our reviews. Nor does the compensation influence our rankings for certain host companies. This compensation covers account purchasing costs, testing costs and royalties paid to reviewers.
Click to go to the top of the page
Go To Top