How To Install Let’s Encrypt SSL With Nginx on Ubuntu 16.04 LTS

Install Let's Encrypt SSL With Nginx on Ubuntu 16.04 LTS

In this tutorial, we will show you how to install Let’s Encrypt SSL with Nginx on Ubuntu 16.04 LTS server. For those of you who didn’t know, LetsEncrypt is a free open certificate authority (CA) that provides free certificates for websites and other services. The service, which is backed by the Electronic Frontier Foundation, Mozilla, Cisco Systems, and Akamai. Unfortunately, certificates currently have a 3 month lifetime. This means you’ll need to renew your certificate quarterly for now.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo’ to the commands to get root privileges. I will show you through the step by step installation Let’s Encrypt SSL with Nginx on a Ubuntu 16.04 LTS xenial xerus server.

Install Let’s Encrypt SSL With Nginx on Ubuntu 16.04 LTS

Step 1. First, make sure that all your system packages are up-to-date by running these following apt-get commands in the terminal.

Step 2. Installing Let’s Encrypt SSL on Ubuntu 16.04.

The first step is to install certbot, the software client which will automate almost everything in the process:

You will also need to have Nginx installed and running. Of course, if you are adding certificates onto a previously configured web host this would already be installed:

The first step to install let’s encrypt SSL on Ubuntu Linux is to add a simple configuration inside your Nginx server block configuration. Add this line to your server block configuration:

Save and exit to apply changes:

Restart Nginx:

Obtaining a certificate with Certbot:

Run the command as you see below, replace “” with your real domain name and /var/www/ with your real webroot path:


Step 3. Configure SSL/TLS on NGINX web server.

First, edit the server block file you specified during configuration through Certbot and add these three directives:

The full nginx server block configuration may look like this:

Save and close the file when you are finished.

Step 5. Set Up Let’s Encrypt SSL Auto-Renewal.

We will add a cronjob to run the renewal command every week, run this command:

Paste the following lines:

Save and Exit from the crontab table.

This will create a new cronjob that will be executed every Sunday at 01 AM, and then it will reload Nginx webserver to apply the changes. The output will be logged into /var/log/ssl-renew.log file for further analysis if needed.

Congratulations! You have successfully installed Let’s Encrypt. Thanks for using this tutorial for installing Let’s Encrypt SSL on Ubuntu 16.04 LTS system. For additional help or useful information, we recommend you to check the official Let’s Encrypt website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!