Introduction

Ensuring your website's security is non-negotiable. One fundamental step is encrypting data transmitted over the web, and SSL (Secure Sockets Layer) is the key. In this guide, we'll navigate through the SSL setup process using Let’s Encrypt and Nginx as a reverse proxy, guaranteeing a safe online experience for your users.

Prerequisites

• A server where your website is hosted.

• An A record pointing to your server’s public IP address.

• Basic knowledge of the terminal.

Step 1: Update and Install Certbot

As usual, we begin by updating your package repository and upgrading packages on your server:

sudo apt update
sudo apt upgrade
sudo apt install certbot python3-certbot-nginx

Step 2: Configure Nginx

Ensure Nginx's configuration file has a server_name directive that matches your domain. Edit the Nginx configuration file:

sudo vi /etc/nginx/sites-available/yourdomain.com

Verify that you have the server_name directive:

...
server_name yourdomain.com;
...

Step 3: Obtain SSL Certificate

Utilize Certbot’s Nginx plugin to obtain your SSL certificate:

sudo certbot --nginx -d yourdomain.com

Note: Replace yourdomain.com with the actual server_name used in your Nginx configuration file.

Certbot will guide you through the configuration. Once done, your certificates will be stored, and Nginx will need to be reloaded.

sudo systemctl restart nginx

Step 4: Verify Certbot Auto-Renewal

Certbot automatically renews your SSL certificates. Check the renewal timer’s status:

sudo systemctl status certbot.timer

Test the renewal process with a dry run:

sudo certbot renew --dry-run

No errors indicate a successful setup. Certbot will handle your certificates, ensuring they're always up-to-date.

Conclusion

Congratulations! Your website is now secure with SSL, providing a safe browsing experience for your visitors. Stay tuned for more tech tips and security insights!