Install SSL certificate through letsencrypt on nginx

The days of expensive SSL Certificates are over. Letsencrypt is rapidly changing the way certificates are handled. The basic functionality is that you install the letsencrypt client on your server and from there it does its magic to authenticate your server. They also offer a lot of automation tools, which might scare you at first. But it’s really easy to get certificates and install them e.g. with nginx. Here’s how, assuming you have nginx installed on an ubuntu server.

1) Go to your registrar and point your site, e.g. example.com to your servers IP e.g. 107.170.33.76.

2) Login to your server (ssh root@107.170.33.76 on digital ocean for example), then:

git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto certonly --standalone --email youremail@gmail.com -d example.com -d www.example.com
cd /etc/nginx/ssl/
ln -s /etc/letsencrypt/live/taskbase.com/privkey.pem nginx.key
ln -s /etc/letsencrypt/live/taskbase.com/fullchain.pem nginx.crt

3) Use the following inside your http block of the nginx.conf file:

  upstream project {
    ip_hash;
    server localhost:8080;
  }

  server {
    listen  80;
    server_name example.com www.example.com;
    return  301 https://$host$request_uri;
  }

  server {
    listen 443 ssl;
    server_name example.com www.example.com;
    ssl_certificate /etc/nginx/ssl/nginx.crt;
    ssl_certificate_key /etc/nginx/ssl/nginx.key;
    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;

    location / {
      proxy_pass http://project;
      proxy_read_timeout 1000;
    }
  }

4) service nginx reload and enjoy.

 

One Reply to “Install SSL certificate through letsencrypt on nginx”

Leave a Reply

Your email address will not be published.