8. Nginx and Let's Encrypt (SSL) - Mediocre Inventions

Intro

If you have setup your Nginx server on Ubuntu 18.04 then this article will walk you through how to add an SSL certificate using Let’s Encrypt to your website so that it uses https instead of http. If you chose to use Heroku, then you can skip this article. Please note that this article will require you to own a domain name already. This will be a quick summary to get you up and running, but a more detailed article on this topic can be found here if you are interested: https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04

Setup

First, let’s install Certbot:

sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-nginx

Double check that you have your domains entered properly in /etc/nginx/sites-available/yourdomain.com or sudo nano /etc/nginx/sites-available/default. There should be a line with server_name that follows with your domain. For example:

server_name yourdomain.com www.yourdomain.com;

If you had to make any changes, make sure to open the file as “sudo”, save then and run

sudo systemctl reload nginx

If you have your firewall on (you can check its status by running sudo ufw status), remember to configure your firewall for this:

sudo ufw allow 'Nginx Full'
sudo ufw delete allow 'Nginx HTTP'

Then run you can run this to make sure nothing is wrong with the status

sudo ufw status

Now you can run the following to finish setting up SSL for your website:

sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

This certificate should auto-renew itself when it expires now.

Congratulations, you have just secured your website with SSL and it should be ready for production!

Navigation

Previous article can be found here.