DEV Community

Abhee Hudani ☕
Abhee Hudani ☕

Posted on

Setup Nginx with HTTPS on Azure VM using Certbot

We will setup HTTPS on Nginx using Certbot on an Azure Ubuntu VM


1) Create VM
2) Config Ports
3) Install Nginx
4) HTTPS using Certbot

Creating Azure Ubuntu VM

  • Let's get started by creating Azure VM.

Azure Ubuntu VM Config

  • I'm using ubuntu 18.04 LTS -Ge1 as OS Image and Size :Standard_B1ls - 1vcps. With SSH connection on PORT 22.
  • After that I'm going with default settings. Azure Ubuntu VM SSH


Azure Server DNS Config

Azure VM Config

  • Now we change Dynamic to Static Assigment
  • We set the Assignment as Static then we choose a DNS name label.

Azure VM Config DNS

  • Here we choose nova-test therefore the VM will be accessible at
  • After it is saved let's connect our azure using SSH in terminal.

SSH connection to server

Now let's connect our terminal to server using SSH.

Note: You can always find intructions in VM's Connect Tab

In my PC, I have saved my Private Key(Generated during VM creation) in a root folder called "Key".

  • Connection String ssh -i key.pem user_name@server_name

Note: You can also use public IP to connect instead of server_name

Azure VM SSH Key

  • But before we access the key we need to change the permission of the private key otherwise you might face an issue saying, "Unprotected Private Key File!"
  • In order to do that, we need to goto key's dir and fire these commands

sudo chmod 600 test-vm_key.pem

And Volla! We are connected to our server.

Azure VM SSH Connection

Nginx Setup

Now let's get started with our nginx server !
Install nginx server first:

$ sudo apt-get update
$ sudo apt-get install nginx
Enter fullscreen mode Exit fullscreen mode

And Done ???
-- Well technically, yes. Server is ready.
-- But wait you can't access it from browser right now because we haven't added port rule.
-- To access the server we need to add PORT 80 Access Rule to our VM.
-- In order to add rule for port 80, goto Networking Tab and click

Add Inbound Port Rule

Azure VM Inbound Port

Azure VM Add New Inbound Port

Note: You can always check your inbound port rules and add custom rules in VM's Networking Tab.

Now our server can be accessed by browser by visiting

Azure VM Server HTTP Nginx

As you can see our server is ready but it not secure. We can solve that by adding SSL certificate to our server.

-- And ....yes about the bookmarkbar, I forgot to hide it.

SSL Certificate using Certbot

In order to do that we need to add one last PORT 443 rule. As we know HTTPS runs on port 443 and without 443 access browser can't use https connection.

Azure VM Server 443 Rule

Now we are ready for SSL certificate.

Installing Certbot

Fire following commands to get started:
-- Installing and updating snap

$ sudo snap install core; sudo snap refresh core
Enter fullscreen mode Exit fullscreen mode

-- Installing Certbot

$ sudo snap install --classic certbot
Enter fullscreen mode Exit fullscreen mode

Note: For More Info visit:

Nginx Server Config

Before we initialize our certification process we need to configure our nginx default file.
-- Fire following commands to goto nginx default file

cd /etc/nginx/sites-available

-- Now edit default file. I'm using nano as text edtor.

sudo nano default

  • Add domain after server_name your_domain;

Azure VM Server Nginx Default

-- Save the file by pressing Ctrl+O, Enter(To Save). Ctrl+X (To Exit)

Certbot --nginx

Run this command to get a certificate and have Certbot edit your Nginx configuration automatically to serve it, turning on HTTPS access in a single step.

$ sudo certbot --nginx
Enter fullscreen mode Exit fullscreen mode

-- Fill the details.
-- Once all the steps completed, you will see message similiar to this:

Azure VM Server Nginx Default

Congratulations ! We have successfully added certificate to our server.

Azure VM Server Nginx Default

VOLLA ! We did it. There is just one step remaining which is to restart nginx server.
We can restart it by following command:

$ sudo service nginx reload
Enter fullscreen mode Exit fullscreen mode


We did it, we setup HTTPS on our server for free using Certbot. We did it by creating a VM on Azure and used a custom DNS, added port inbound rules for PORT 80 & 443, installed Nginx and configure default Nginx file. At the end we installed a SSL certification and configured Nginx with Certbot.

Top comments (8)

kiy0p profile image

Hey, I am trying to get through this turorial but I am having some issues. I seem unable to contact the nginx server inside my azure vm. I authorised port 80 on my vm but nothing... Any tips ?

hudaniabhee profile image
Abhee Hudani ☕

While authorising the port 80, have you used protocol as 'any' ? I'm not very sure about the protocols but 'any' is the one which helped me to connect it with my VM. Moreover, can you also check the ufw configuration ?

kiy0p profile image

Hey thanks for the quick reply !
I did use the any in protocol, here is my conf.

Also what do you call ufw ? If that is the firewall conf I don't have any I believe

I hope it helps.

Thread Thread
hudaniabhee profile image
Abhee Hudani ☕

Hi, actually I was talking about the ufw firewall that you have to config in linux VM.
And protocol looks great but did you try to connect your vm using public IP ?

Thread Thread
kiy0p profile image

Hey ! Yes I have tried connecting with ssh using the public ip that doesn't work, only the dns with the port works. Also I just checked and my ufw is inactive.

Thread Thread
hudaniabhee profile image
Abhee Hudani ☕

Hello, I believe that you have to active ufw firewall. That might solve the problem

Thread Thread
kiy0p profile image

Hey, unfortunatly enabeling the firewall didn't work for me, I still can't connect, any other things you have in mind ?

Thread Thread
hudaniabhee profile image
Abhee Hudani ☕

I'm sorry to hear that but I don't have any thing in my mind right now but I find anything new, I will let you know.