Let’s Encrypt is a Certificate Authority (CA) that provides an accessible way to obtain and install free TLS/SSL certificates while enabling encrypted HTTPS on a web server. It simplifies the process by providing a software client, Certbot, which attempts to automate most (if not all) of the necessary steps. Currently, the entire process of obtaining and installing certificates on both Apache and Nginx is fully automated.
Install and configure the let’s encrypt SSL certificate on ubuntu 22.04 Nginx; Through this tutorial, we will learn how to install and configure the let’s encrypt SSL certificate on ubuntu 22.04 Nginx.
How to Install Let’s Encrypt & certbot in Ubuntu 20.04 | 22.04 Nginx
Steps to install and configure let’s encrypt SSL certificate & certbot on ubuntu 22.04 Nginx using terminal or command line:
- Step 1 – Install let’s encrypt Certbot
- Step 2 – Check Nginx Configuration
- Step 3 – Allowing HTTPS Through the Firewall
- Step 4 – Get Free SSL/TLS Certificate
- Step 5 – Enable Automatic Certificate Renewal
Step 1 – Install let’s encrypt Certbot
First of all, open terminal or command line and execute the following command on command line to install certbot:
sudo apt update sudo apt install certbot python3-certbot-nginx
Step 2 – Check Nginx Configuration
Then execute the following command on command line To check whether it is set up correctly:
sudo nano /etc/nginx/sites-available/example.com
Then, locate the server_name directive and make sure it is set to your domain name. As you want to include the domain name with and without the www. prefix, the line should look similar to the one below:
server_name example.com www.example.com
Step 3 – Allowing HTTPS Through the Firewall
Check the firewall status by executing the following command on command line:
sudo ufw status
To additionally let in HTTPS traffic, allow the Nginx Full profile and delete the redundant Nginx HTTP profile allowance:
sudo ufw allow 'Nginx Full' sudo ufw delete allow 'Nginx HTTP'
Step 4 – Get Free SSL/TLS Certificate
Now, execute the following command on command line to get free ssl/tls certificate:
sudo certbot --nginx -d example.com -d www.example.com
If this is first time running certbot, will be prompted to enter an email address and agree to the terms of service. After doing so, certbot will communicate with the Let’s Encrypt server, then run a challenge to verify that you control the domain you’re requesting a certificate for.
Step 5 – Enable Automatic Certificate Renewal
Since Let’s Encrypt certificates expire every 90 days, Nginx recommends setting up an automatic renewal cron job.
So, use the following command on the command line to create automatic renewal let’s encrypt the certificate for Nginx on ubuntu 22.04:
sudo systemctl status snap.certbot.renew.service
To test the renewal process, Use the dry command with certbot:
sudo certbot renew --dry-run
Conclusion
Through this tutorial, we have learned how to install and configure certbot to obtain a free SSL certificate for Nginx on Ubuntu 22.04 and set up your certificate to renew automatically.
