DEV Community

JPBlancoDB
JPBlancoDB

Posted on

7 2

Configure Let's Encrypt + Nginx in Ubuntu

Step-by-step guide to install Let's Encrypt certificate

Translated into: Español

First, let's briefly define what Let's Encrypt is for by quoting them.

Let’s Encrypt is a free, automated, and open Certificate Authority.

In summary, with Let's Encrypt we obtain a secure domain certificate (SSL) for our site and for free.

Steps:

  1. Install Certbot in the server:
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-nginx
  1. We need to modify nginx file (we are going to use the default file for simplicity):
sudo nano /etc/nginx/sites-available/default

Search and replace the line that contains server_name with:

server_name domain.com www.domain.com;

Verify nginx configuration is correct:

sudo nginx -t
  1. Restart Nginx:
sudo systemctl reload nginx
  1. Installing the certificate:
sudo certbot --nginx -d domain.com -d www.domain.com
sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
sudo nano /etc/nginx/sites-available/default

Add in the server section:

ssl_dhparam /etc/ssl/certs/dhparam.pem;

Let's verify again that our configuration is correct:

sudo nginx -t

Restart Nginx:

sudo systemctl reload nginx
  1. Finally, we need to automatically renew our certificate because it expires every 90 days:
sudo crontab -e

and add:

15 3 \* \* \* /usr/bin/certbot renew –quiet

Done! We have our domain secure with SSL.

Lastly, we could verify the state of our certificates with certbot by executing this command:

certbot certificates

I hope this is helpful! If you have any doubts you could contact me via Twitter or by adding a comment :)

Translated into Español

Image of Timescale

🚀 pgai Vectorizer: SQLAlchemy and LiteLLM Make Vector Search Simple

We built pgai Vectorizer to simplify embedding management for AI applications—without needing a separate database or complex infrastructure. Since launch, developers have created over 3,000 vectorizers on Timescale Cloud, with many more self-hosted.

Read more →

Top comments (1)

Collapse
 
dineshrathee12 profile image
Dinesh Rathee

LetsEncrypt have revoked around 3 million certs last night due to a bug that they found. Are you impacted by this, Check out ?

DevTo
[+] dev.to/dineshrathee12/letsencrypt-...

GitHub
[+] github.com/dineshrathee12/Let-s-En...

LetsEncryptCommunity
[+] community.letsencrypt.org/t/letsen...

Image of Docusign

🛠️ Bring your solution into Docusign. Reach over 1.6M customers.

Docusign is now extensible. Overcome challenges with disconnected products and inaccessible data by bringing your solutions into Docusign and publishing to 1.6M customers in the App Center.

Learn more