How To Install Nginx with Let’s Encrypt on Ubuntu 22.04 LTS
In this tutorial, we will show you how to install MySQL on Ubuntu 22.04 LTS. For those of you who didn’t know, Nginx is an open-source, free HTTP server software. In addition to its HTTP server capabilities, Nginx can also function as a proxy server. Whereas Let’s Encrypt is a certificate authority that provides free SSL certificates for websites. Let’s Encrypt supports auto installation of certificates on Apache, Nginx, Plex, and many more.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Let’s Encrypt SSL with Nginx on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.
Prerequisites
- A server running one of the following operating systems: Ubuntu 22.04, 20.04, and any other Debian-based distribution like Linux Mint.
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- SSH access to the server (or just open Terminal if you’re on a desktop).
- A
non-root sudo useror access to theroot user. We recommend acting as anon-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Install Nginx with Let’s Encrypt on Ubuntu 22.04 LTS Jammy Jellyfish
Step 1. First, make sure that all your system packages are up-to-date by running the following apt commands in the terminal.
sudo apt update sudo apt upgrade
Step 2. Installing Nginx on Ubuntu 22.04.
By default, the Nginx is available on Ubuntu 22.04 base repository. Now run the following command below to install the latest version of Nginx to your Ubuntu system:
sudo apt install nginx
After successfully installation, enable Nginx (to start automatically upon system boot), start, and verify the status using the commands below:
sudo systemctl enable nginx sudo systemctl start nginx sudo systemctl status nginx
Confirm the installation and check the installed build version of Nginx:
nginx -v
Step 3. Configure Firewall.
Ubuntu 22.04 has ufw a firewall running by default. Enable connection through ports 80 HTTP and 443 HTTPS:
sudo ufw allow 'Nginx FULL' sudo ufw enable sudo ufw status
Step 4. Accessing Nginx Web Server.
Once successfully installed, open a web browser on your system and type the server’s IP in the address bar. You will get the default Nginx server page:
Step 5. Installing Certbot.
Now we install Certbot on Ubuntu 22.04 using the following command:
sudo snap install core sudo snap refresh core sudo snap install --classic certbot sudo ln -s /snap/bin/certbot /usr/bin/certbot
Step 6. Secure Nginx with Let’s Encrypt on Ubuntu 22.04.
After complete install Certbot, now we set up Certbot for Nginx using the following command:
sudo apt install python3-certbot-nginx
Next, run the following command to start the creation of your certificate:
sudo certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email admin@domain.com -d www.domain.com
Output:
------------------------------------------------------------------------------- Congratulations! You have successfully enabled https://domain.com and https://www.domain.com You should test your configuration at: https://www.ssllabs.com/ssltest/analyze.html?d=domain.com https://www.ssllabs.com/ssltest/analyze.html?d=www.domain.com ------------------------------------------------------------------------------- IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/domain.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/domain.com/privkey.pem Your cert will expire on 2022-05-20. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
Step 7. Auto-Renewal SSL.
Let’s Encrypt certificates have 90 days of validity, and it is highly advisable to renew the certificates before they expire. To test that this renewal process is working correctly, you can run:
sudo certbot renew --dry-run
Output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /etc/letsencrypt/renewal/domain.com.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Account registered. Simulating renewal of an existing certificate for domain.com and www.domain.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations, all simulated renewals succeeded: /etc/letsencrypt/live/domain.com/fullchain.pem (success) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Step 8. Test SSL.
Once successfully completed secure Nginx with Let’s Encrypt SSL, now go to ssllabs.com/ssltest/, and run an SSL test on your domain:
Congratulations! You have successfully secured Nginx with Let’s Encrypt. Thanks for using this tutorial for installing Nginx with Let’s Encrypt TLS/SSL on Ubuntu 22.04 LTS Jammy Jellyfish system. For additional help or useful information, we recommend you check the official Nginx website.
