Setup LetsEncrypt on Ubuntu 17.04 for Nginx Webserver

LetsEncrypt is an opensource certificate authority that provides free SSL certificates for millions of websites online. It has backing from many of the big IT companies, including Google. With its automated scripts, webmasters can turn on SSL on their websites and blogs for free.

This brief tutorial is going to show you how to use LetsEncrypt certificates on Ubuntu 17.04 server for Nginx webservers.

When configured properly, you’ll be able to encrypt all your websites and never worry about paying another certificate authority (CA) a penny. This is great!

Before you can continue, let’s make sure the requirements are covered.

STEP 1: INSTALLING GIT PACKAGE ON UBUNTU

The easiest to get LetsEncrypt scripts installed on Ubuntu is by downloading them from git repository to your system. You can only do that when you have git packages installed on Ubuntu.

Run the commands below to install Git packages on Ubuntu server.

sudo apt-get update
sudo apt-get install git-all

STEP 2: DOWNLOADING LETSENCRYPT SCRIPTS

Now that git is installed, go and download LetsEncrypt scripts on Ubuntu. First create a directory to store the scripts.

sudo mkdir -p /opt/letsencrypt

Then change into that directory and download the scripts

cd /opt/letsencrypt
sudo git clone https://github.com/letsencrypt/letsencrypt

When the scripts are downloaded, enable the main scripts to be executable. You can do that by running the commands below.

sudo chmod g+x letsencrypt/letsencrypt-auto
sudo ./letsencrypt/letsencrypt-auto --help

After running the commands above, LetsEncrypt will download and updates all scripts and packages, including missing dependencies. Wait a few minutes until all packages and scripts are updated.

STEP 3: INSTALLING LETSENCRYPT SSL FOR APACHE2

At this point, everything should be in place to install your free SSL certificate for your sites. Before running the commands below you must make sure that your website or blog is functional.

When all is done, run the commands below to create a free SSL certificate to encrypt both www and non-www traffic to your websites.

sudo /opt/letsencrypt/letsencrypt/letsencrypt-auto certonly --email=YOUREMAIL@YOURDOMAIN.COM -d YOURDOMAIN.COM -d WWW.YOURDOMAIN.COM

The commands above calls LetsEncrypt telling them to generate certificates only and automate the process. The commands include our email address to contact us and the domains we want to enable SSL on.

Please make sure you have these in your Nginx server block for the site.

Server_name     yourdomain.com www.yourdomain.com

When the process is done, go and check your site and it should begin communicating over SSL.

In your Nginx site configuration file, make sure it looks like the one below.

server {
    listen 443;
    server_name yourdomain.com www.yourdomain.com;

    root /var/www/html;
    index index.html index.htm;

    ssl on;
    ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem; 
}

Save the file and you’re done.

SUMMARY:

This post shows you how to use LetsEncrypt automated scripts to enable free SSL certificates for your sites running Nginx Webserver on Ubuntu 17.04 servers. When you apply the steps above in no time your websites and blogs will be configured to communicating over SSL.

You may also like the post below:

Setting Up LetsEncrypt on Ubuntu 17.04 for Apache2