Question

1 LEMP Droplet, 1 Let's Encrypt Certificate, NGINX SSL 443 Config. How?

  • Posted on November 23, 2019
  • Nginx
  • nexlevelAsked by Vini

Hello Experts.

After setting up a LEMP droplet from the marketplace, I noticed there are NGINX config files in the following locations:

/etc/nginx/nginx.conf /etc/nginx/sites-enabled/digitalocean <- (no extension…) /etc/nginx/sites-available/default <- (no extension…) /etc/nginx/sites-available/digitalocean <- (no extension…)

The goal

1 LEMP Droplet, 1 Let’s Encrypt SSL Certificate.

Question

Which nginx config file do I edit and if I will only be hosting 1 single website per droplet, how do I generate a certificate for mysite.com, www.mysite.com for this scenario and what should my nginx config file look like?

I think generating it is simple but which of the 4 nginx files is it editing?

Run this command to get a certificate and have Certbot edit your Nginx configuration automatically to serve it, turning on HTTPS access in a single step.

sudo certbot --nginx

I am aware of your sweet load balancer easy to setup ssl options but I cannot afford it right now. This would also be a great opportunity to learn from the community by example and how to do it on my own.

Thank you for any help.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

alexdoNovember 24, 2019

Hello, @nexlevel

certbot will take care and will build the nginx configuration file for you. I’m glad that you’ve sorted this! Let me know if you have any other questions.

Regards, Alex

ViniNovember 23, 2019

Ok. After further research I have found:

If you have 1 LEMP droplet, 1 domain, and you want to add Let’s Encrypt SSL to it, you can use certbot NGINX plugin to accomplish this in a single line.

sudo certbot --nginx -d mysite.com -d www.mysite.com

…then, Option 2 to Make all requests redirect to secure HTTPS access.

Obviously replace mysite.com for whatever your domain is.

Detail references I’ve found…

obtaining-an-ssl-certificate

Thank you again for the incredible service.