Configuring SSL for Your Website Using Certbot

Mini Blog sys admin
, , ,
1

YouTube reference

Get 200$ in Digital Ocean and Get 100$ in Vultr

Configuring SSL for Your Website Using Certbot :globe_with_meridians::lock:

In today’s digital world, securing your website with SSL (Secure Sockets Layer) is not just a best practice – it’s a necessity. SSL encrypts the data exchanged between a user’s browser and your web server, ensuring the confidentiality and integrity of the information. One of the most popular tools for obtaining SSL certificates is Certbot. In this guide, we’ll walk you through the process of configuring SSL for a sample static website named “demo” using Certbot.

Prerequisites

Before we start, make sure you have the following prerequisites in place:

  1. A server with a domain pointing to it.
  2. SSH access to the server.
  3. A sample static website hosted on your server. We’ll use the one available at https://github.com/ServerGuyFluxx/Static_web_sample.git for this tutorial.

Step 1: Connect to Your Server

Open your terminal and SSH into your server. Replace your-server-ip with the actual IP address of your server.

ssh your-server-ip

Step 2: Install Certbot

If you’re using a Linux server, you can install Certbot using the package manager. The following commands are for Ubuntu:

sudo apt update
sudo apt install certbot python3-certbot-nginx

Step 3: Obtain SSL Certificate

Now that Certbot is installed, you can obtain an SSL certificate for your domain. Replace your-domain.com with your actual domain.

sudo certbot certonly --nginx -d your-domain.com

Certbot will prompt you for your email address and ask you to agree to the terms of service. After that, it will automatically configure your Nginx web server and obtain the SSL certificate.

Step 4: Configure Nginx

Now that you have the SSL certificate, it’s time to configure your Nginx server to use it. Open your Nginx configuration file in your preferred text editor.

sudo nano /etc/nginx/sites-available/demo

Inside the configuration file, add or modify the following lines:

server {
    listen 80;
    server_name your-domain.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name your-domain.com;

    ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;

    # Other SSL configurations go here
}

Save the file and exit your text editor.

Step 5: Test Nginx Configuration

Before you reload Nginx, it’s a good practice to test the configuration to avoid potential errors.

sudo nginx -t

If the test is successful, you should see a message confirming that the configuration is okay.

Step 6: Reload Nginx

Now, reload Nginx to apply the changes.

sudo systemctl reload nginx

Your website should now be accessible via HTTPS with a valid SSL certificate.

Step 7: Automate Certificate Renewal

SSL certificates issued by Let’s Encrypt (which Certbot uses) are only valid for 90 days. To automate the renewal process, set up a cron job:

sudo crontab -e

Add the following line to run the renewal process twice a day:

0 */12 * * * certbot renew

Save the file and exit your text editor. Certbot will automatically renew your certificates when they are close to expiration.

Congratulations! You have successfully configured SSL for your website using Certbot. Your website is now secure, and your users can access it via HTTPS.

Remember, SSL is a crucial aspect of web security, so keep your certificates up-to-date and enjoy the benefits of a secure and trustworthy website. :lock::rocket: