Related

Tool NGINX Config Generator Tool
Nginx, Prestashop - TTFB too much slow Question Question
Nginx users list - how to display Question Question

Question

DO Let's encrypt certificate + nginx

Posted December 26, 2019 634 views
Nginx

Hi,

I just generated certificate (Security->Add Certificate) for a domain. But what should I do next?
I have Nginx server running on Ubuntu. I need to configure 443 port for Nginx, but this requires to set a path to certificates (pem).
There are tons of Certbot tutorials, but I assume it’s not needed and certificate is managed by DigitalOcean.

Thanks for any help!

Add a comment
lequal
By:
lequal
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers
KDSys December 26, 2019

Hi @lequal,

You are correct, DigitalOcean has articles on how to enable Let’s Encrypt on Nginx with Certbot. I would recommend reading and using them as everything is automatically created in your nginx configuration. Here is an article about that : https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04

If you however want to do this manually, you can follow these steps

*1. Log into the server using SSH.
*

ssh root@YourDropletIp

2. Check the OpenSSL client software.

sudo apt-get mod_ssl openssl

3. Make a directory to store the server key and certificate.

$ sudo mkdir mkdir /etc/nginx/ssl

4. Copy the SSL certificate file and server key.

$ touch server.crt /etc/nginx/ssl
$ touch server.key /etc/nginx/ssl

Once you have created the files, paste the information into them

nano /etc/nginx/ssl/server.crt
nano /etc/nginx/ssl/server.key

5. Edit the ssl.conf

$ sudo nano /etc/nginx/sites-available/default/your_very_own_domain.com

Once open, the file can be edited so that it points to the correct files in the Web server. It will look something like:

server {
listen  80;
listen 443 ssl;

ssl on;
ssl_certificate /etc/ssl/your_domain_name.pem; 
ssl_certificate_key /etc/ssl/your_domain_name.key;

server_name your_very_own_domain.com;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location / {
root /home/www/public_html/your_very_own_domain.com/public/;
index index.html;
}
}

6.Restart Nginx

service nginx restart

Regards,
KDSys

How To Secure Nginx with Let's Encrypt on Ubuntu 18.04
by Hazel Virdó
by Kathleen Juell
In this tutorial, we will show you how to use Let's Encrypt to obtain a free SSL certificate and use it with Nginx on Ubuntu 18.04. We will also show you how to automatically renew your SSL certificate. If you're running a different web server, simply follow your web server's documentation to learn how to use the certificate with your setup.
Reply Report
lequal December 26, 2019

Thanks for quick answer. Does it mean I actually need to install certbot? By the way “sudo apt-get mod_ssl” throws an error.

“touch server.crt /etc/nginx/ssl” didn’t create any .crt file

“Once you have created the files, paste the information into them” - paste information from where?

Thanks

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help