Abhijeet Jaiswal

How to enable HTTPS with Certbot and Nginx on Ubuntu

server
2 min read

Certbot with Nginx is an excellent option to enable HTTPS on manually administered websites running over dedicated servers or VPS which you have access to via SSH.

This post tries to capture the steps that I needed to enable a free SSL certificate for Nginx on Ubuntu 23.04 and set up the certificate to renew automatically.

Prerequisites:

  • An Ubuntu server with SSH access and packages updated
  • Nginx installed on Ubuntu with firewall allowing HTTPS port 443
  • A domain name with DNS records pointing to the public IP of your server and a nginx server block setup for it

8 minimal steps to setup HTTPS with Certbot and Nginx:

Certbot is a free, open source software tool for automatically using Let’s Encrypt certificates on manually-administrated websites to enable HTTPS.

Install Snapd

sudo snap install core
sudo snap refresh core

Remove any previous Certbot:

sudo apt remove certbot

Install Certbot via snap

sudo snap install --classic certbot

Install Certbot via apt (skip if already installed using snap above)

sudo apt install certbot python3-certbot-nginx

Create symlink

sudo ln -s /snap/bin/certbot /usr/bin/certbot

Generate SSL certificates using Certbot (add variations of your domain and subdomains)

sudo certbot --nginx -d <domain_name_without_www> -d <domain_name_with_www>

Test nginx configuration which Certbot modified

sudo nginx -t

Reload nginx for changes to take effect

sudo systemctl reload nginx

Now visit your site by entering the domain name and verify the HTTPS connection.