Secure Nginx with Let's Encrypt on Ubuntu

Let’s Encrypt is a Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. It simplifies the process by providing a software client, Certbot, that attempts to automate most (if not all) of the required steps. Currently, the entire process of obtaining and installing a certificate is fully automated on both Apache and Nginx.
In this tutorial, you will use Certbot to obtain a free SSL certificate for Nginx on Ubuntu 20.04 and set up your certificate to renew automatically.
This tutorial will use a separate Nginx server configuration file instead of the default file. We recommend creating new Nginx server block files for each domain because it helps to avoid common mistakes and maintains the default files as a fallback configuration.
Prerequisites
To follow this tutorial, you will need:
-
One Ubuntu 20.04 server set up by following this initial server setup for Ubuntu 20.04 tutorial, including a sudo-enabled non-root user and a firewall.
A registered domain name. This tutorial will use example.com
throughout. You can purchase a domain name from Stuxhost, get one for free with Freenom, or use the domain registrar of your choice.
-
Both of the following DNS records set up for your server.
- An A record with
example.com
pointing to your server’s public IP address. - An A record with
www.example.com
pointing to your server’s public IP address.
- An A record with
-
Nginx installed. Be sure that you have a server block for your domain. This tutorial will use
/etc/nginx/sites-available/example.com
as an example.
Source: DigitalOcean