Certbot Nginx Certonly

Certbot is a free, open-source software tool used to automate the process of obtaining and renewing SSL/TLS certificates. In this tutorial, we will focus on using Certbot with the Nginx web server to obtain a certificate and configure SSL encryption for a website.

Prerequisites

Before we begin, ensure that you have:

1. A server running Nginx
2. A registered domain name pointing to your server's IP address
3. SSH access to your server as a sudo user

Step 1: Install Certbot

To install Certbot, run the following commands:

sudo apt-get update
sudo apt-get install certbot python3-certbot-nginx

Step 2: Obtain a Certificate

To obtain a certificate for your domain, run the following command:

sudo certbot --nginx certonly -d yourdomain.com

This will initiate the certificate issuance process for the specified domain. You will need to follow the prompts and provide the requested information.

Step 3: Configure Nginx to Use the Certificate

After obtaining the certificate, you need to configure Nginx to use it. You can do this by updating the SSL configuration file at /etc/nginx/sites-available/yourdomain.com with the following lines:

listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;

Restart Nginx to apply the changes:

sudo systemctl restart nginx

Conclusion

Congratulations! You now have an SSL/TLS certificate installed on your Nginx web server. Certbot has greatly simplified the process of obtaining and renewing SSL/TLS certificates, making it easier than ever to secure your websites.