DEV Community

loading...

Setup Nginx with HTTPS on Azure VM using Certbot

hudaniabhee profile image Abhee Hudani ☕ ・4 min read

We will setup HTTPS on Nginx using Certbot on an Azure Ubuntu VM

Steps

1) Create VM
2) Config Ports
3) Install Nginx
4) HTTPS using Certbot


Creating Azure Ubuntu VM


  • Let's get started by creating Azure VM.

Azure Ubuntu VM Config

  • I'm using ubuntu 18.04 LTS -Ge1 as OS Image and Size :Standard_B1ls - 1vcps. With SSH connection on PORT 22.
  • After that I'm going with default settings. Azure Ubuntu VM SSH

-- SAVE YOUR PRIVATE KEY, KEEP IT SECURE AND DON'T SHARE IT.


Azure Server DNS Config


Azure VM Config

  • Now we change Dynamic to Static Assigment
  • We set the Assignment as Static then we choose a DNS name label.

Azure VM Config DNS

  • Here we choose nova-test therefore the VM will be accessible at nova-test.eastus2.cloudapp.azure.com.
  • After it is saved let's connect our azure using SSH in terminal.

SSH connection to server


Now let's connect our terminal to server using SSH.

Note: You can always find intructions in VM's Connect Tab

In my PC, I have saved my Private Key(Generated during VM creation) in a root folder called "Key".

  • Connection String ssh -i key.pem user_name@server_name

Note: You can also use public IP to connect instead of server_name

Azure VM SSH Key

  • But before we access the key we need to change the permission of the private key otherwise you might face an issue saying, "Unprotected Private Key File!"
  • In order to do that, we need to goto key's dir and fire these commands

sudo chmod 600 test-vm_key.pem

And Volla! We are connected to our server.

Azure VM SSH Connection


Nginx Setup


Now let's get started with our nginx server !
Install nginx server first:

$ sudo apt-get update
$ sudo apt-get install nginx
Enter fullscreen mode Exit fullscreen mode

And Done ???
-- Well technically, yes. Server is ready.
-- But wait you can't access it from browser right now because we haven't added port rule.
-- To access the server we need to add PORT 80 Access Rule to our VM.
-- In order to add rule for port 80, goto Networking Tab and click

Add Inbound Port Rule

Azure VM Inbound Port

Azure VM Add New Inbound Port

Note: You can always check your inbound port rules and add custom rules in VM's Networking Tab.

Now our server can be accessed by browser by visiting nova-test.eastus2.cloudapp.azure.com

Azure VM Server HTTP Nginx

As you can see our server is ready but it not secure. We can solve that by adding SSL certificate to our server.

-- And ....yes about the bookmarkbar, I forgot to hide it.


SSL Certificate using Certbot


In order to do that we need to add one last PORT 443 rule. As we know HTTPS runs on port 443 and without 443 access browser can't use https connection.

Azure VM Server 443 Rule

Now we are ready for SSL certificate.

Installing Certbot

Fire following commands to get started:
-- Installing and updating snap

$ sudo snap install core; sudo snap refresh core
Enter fullscreen mode Exit fullscreen mode

-- Installing Certbot

$ sudo snap install --classic certbot
Enter fullscreen mode Exit fullscreen mode

Note: For More Info visit: https://certbot.eff.org/lets-encrypt/ubuntuxenial-nginx.html

Nginx Server Config


Before we initialize our certification process we need to configure our nginx default file.
-- Fire following commands to goto nginx default file

cd /etc/nginx/sites-available

-- Now edit default file. I'm using nano as text edtor.

sudo nano default

  • Add domain after server_name your_domain;

Azure VM Server Nginx Default

-- Save the file by pressing Ctrl+O, Enter(To Save). Ctrl+X (To Exit)

Certbot --nginx


Run this command to get a certificate and have Certbot edit your Nginx configuration automatically to serve it, turning on HTTPS access in a single step.

$ sudo certbot --nginx
Enter fullscreen mode Exit fullscreen mode

-- Fill the details.
-- Once all the steps completed, you will see message similiar to this:

Azure VM Server Nginx Default

Congratulations ! We have successfully added certificate to our server.

Azure VM Server Nginx Default

VOLLA ! We did it. There is just one step remaining which is to restart nginx server.
We can restart it by following command:

$ sudo service nginx reload
Enter fullscreen mode Exit fullscreen mode

Conclusion

We did it, we setup HTTPS on our server for free using Certbot. We did it by creating a VM on Azure and used a custom DNS, added port inbound rules for PORT 80 & 443, installed Nginx and configure default Nginx file. At the end we installed a SSL certification and configured Nginx with Certbot.

Discussion (0)

pic
Editor guide