1 LEMP Droplet, 1 Let's Encrypt Certificate, NGINX SSL 443 Config. How?

November 23, 2019 103 views
Nginx
nexlevel
By:
nexlevel

Hello Experts.

After setting up a LEMP droplet from the marketplace, I noticed there are NGINX config files in the following locations:

/etc/nginx/nginx.conf
/etc/nginx/sites-enabled/digitalocean <- (no extension..)
/etc/nginx/sites-available/default <- (no extension..)
/etc/nginx/sites-available/digitalocean <- (no extension..)

The goal

1 LEMP Droplet, 1 Let’s Encrypt SSL Certificate.

Question

Which nginx config file do I edit and if I will only be hosting 1 single website per droplet, how do I generate a certificate for mysite.com, www.mysite.com for this scenario and what should my nginx config file look like?

I think generating it is simple but which of the 4 nginx files is it editing?

Run this command to get a certificate and have Certbot edit your Nginx configuration automatically to serve it, turning on HTTPS access in a single step.

sudo certbot --nginx

I am aware of your sweet load balancer easy to setup ssl options but I cannot afford it right now. This would also be a great opportunity to learn from the community by example and how to do it on my own.

Thank you for any help.

Sign In to Comment
2 Answers
nexlevel November 23, 2019

Ok. After further research I have found:

If you have 1 LEMP droplet, 1 domain, and you want to add Let’s Encrypt SSL to it, you can use certbot NGINX plugin to accomplish this in a single line.

sudo certbot --nginx -d mysite.com -d www.mysite.com

…then, Option 2 to Make all requests redirect to secure HTTPS access.

Obviously replace mysite.com for whatever your domain is.

Detail references I’ve found…

obtaining-an-ssl-certificate

Thank you again for the incredible service.

How To Secure Nginx with Let's Encrypt on Ubuntu 18.04
by Hazel Virdó
by Kathleen Juell
In this tutorial, we will show you how to use Let's Encrypt to obtain a free SSL certificate and use it with Nginx on Ubuntu 18.04. We will also show you how to automatically renew your SSL certificate. If you're running a different web server, simply follow your web server's documentation to learn how to use the certificate with your setup.
alexdo MOD November 24, 2019

Hello, @nexlevel

certbot will take care and will build the nginx configuration file for you. I’m glad that you’ve sorted this! Let me know if you have any other questions.

Regards,
Alex

Have another answer? Share your knowledge.

Related