LinuxTutorialsUbuntu

How To Install Nginx with Let’s Encrypt SSL on Ubuntu 20.04 LTS

r00t

Install Nginx with Let’s Encrypt SSL on Ubuntu 20.04

In this tutorial, we will show you how to install Nginx with Let’s Encrypt SSL on Ubuntu 20.04 LTS. For those of you who didn’t know, Let’s Encrypt is a Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. This guide will tell you about installing the Nginx web server, installing the Certbot, generating an SSL certificate with Certbot, and creating additional SSL configuration to get the A+ from the SSL test SSL Labs.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Nginx with free SSL on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

Prerequisites

  • A server running one of the following operating systems: Ubuntu 20.04, 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
  • It’s recommended that you use a fresh OS install to prevent any potential issues.
  • SSH access to the server (or just open Terminal if you’re on a desktop).
  • A non-root sudo user or access to the root user. We recommend acting as a non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.

Install Nginx with Let’s Encrypt SSL on Ubuntu 20.04 LTS Focal Fossa

Step 1. First, make sure that all your system packages are up-to-date by running the following apt commands in the terminal.

sudo apt update
sudo apt upgrade

Step 2. Installing Nginx on Ubuntu 20.04.

Nginx is available in the default Ubuntu repositories. To install it run the following command:

sudo apt install nginx

After the installation is completed, run the commands to enable Nginx to automatically startup when your server starts:

sudo systemctl stop nginx
sudo systemctl start nginx
sudo systemctl enable nginx

Let us go ahead and run the Nginx test page. Go to your web browser and visit your domain or IP:

http://your-server-ip-address

Install Nginx with Let’s Encrypt SSL on Ubuntu 20.04 LTS Focal Fossa

Step 3. Configuring Firewall.

Meanwhile, you need to make sure that your firewall is configured to allow traffic on HTTP (80) and HTTPS (443) ports. Nginx registers itself as a service with ufw :

sudo ufw allow in "Nginx Full"

Step 4. Secure Nginx with Let’s Encrypt SSL Free Certificate.

Now we install Certbot for Nginx on Ubuntu 20.04 using the following command below:

sudo apt install python3-certbot-nginx

After that, run the following command to start the creation of your certificate:

sudo certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email admin@your-domain.com -d www.our-domain.com

Output:

-------------------------------------------------------------------------------
Congratulations! You have successfully enabled https://your-domain.com and
https://www.your-domain.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=your-domain.com
https://www.ssllabs.com/ssltest/analyze.html?d=www.your-domain.com
-------------------------------------------------------------------------------

IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/idroot.us/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/your-domain.com/privkey.pem
Your cert will expire on 2021-10-05. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
- If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le

Step 5. Auto-Renewal SSL.

Let’s Encrypt certificates are valid for 3 months, they need to be checked for renewal periodically. To test that this renewal process is working correctly, you can run:

sudo certbot renew --dry-run

Step 6. Test SSL.

You can now go to ssllabs.com/ssltest/ and run an SSL test on your domain:

Install Nginx with Let’s Encrypt SSL on Ubuntu 20.04

Congratulations! You have successfully installed Nginx with a free SSL certificate. Thanks for using this tutorial for installing the Let’s Encrypt SSL on Ubuntu 20.04 LTS Focal Fossa system. For additional help or useful information, we recommend you check the official Nginx website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
Photo of r00t

r00t

r00t is a seasoned Linux system administrator with a wealth of experience in the field. Known for his contributions to idroot.us, r00t has authored numerous tutorials and guides, helping users navigate the complexities of Linux systems. His expertise spans across various Linux distributions, including Ubuntu, CentOS, and Debian. r00t's work is characterized by his ability to simplify complex concepts, making Linux more accessible to users of all skill levels. His dedication to the Linux community and his commitment to sharing knowledge makes him a respected figure in the field.
Copyright © 2024 idroot.us | All Rights Reserved.
Back to top button