📅 最后修改于: 2023-12-03 14:44:35.586000 🧑 作者: Mango
Nginx is a popular web server and reverse proxy that is frequently used by developers to serve their applications on the web. By default, Nginx serves data over HTTP, but it can be configured to serve data over HTTPS as well.
Let's Encrypt is a free, automated, and open Certificate Authority that provides SSL/TLS certificates to any website, allowing them to encrypt all the data that is communicated between the server and the client.
In this guide, we will show you how to install and configure Nginx with Let's Encrypt SSL/TLS certificates using Shell-Bash.
To install Nginx, run the following command:
sudo apt update
sudo apt install nginx
Once you have installed Nginx, you can configure it to serve your website. To do this, you need to create a server block. A server block is a configuration file that instructs Nginx to listen on a specific domain name and serve the web application.
To create a server block, open the /etc/nginx/sites-available/ directory and create a new configuration file with a .conf extension. In this example, we will name the file example.com.conf.
sudo nano /etc/nginx/sites-available/example.com.conf
Append the following configuration to the file:
server {
listen 80;
server_name example.com www.example.com;
location / {
proxy_pass http://localhost:3000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Save the configuration file and exit the text editor.
Next, create a symbolic link to the sites-enabled directory:
sudo ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-enabled/
Finally, test the Nginx configuration to ensure that there are no errors:
sudo nginx -t
If there are no errors, restart Nginx to apply the changes:
sudo systemctl restart nginx
Certbot is a command-line tool that automates the process of obtaining and renewing SSL/TLS certificates from Let's Encrypt. To install Certbot, run the following command:
sudo apt install certbot python3-certbot-nginx
Now that Nginx and Certbot are installed, we can generate Let's Encrypt SSL/TLS certificates for our website. To do this, run the following command:
sudo certbot --nginx -d example.com -d www.example.com
This command will prompt you to enter your contact email address for security notices, and then ask you to agree to the Let's Encrypt Terms of Service.
After you provide this information, Certbot will automatically attempt to verify your domain name and generate SSL/TLS certificates.
If everything goes smoothly, Certbot will modify your Nginx configuration to enable HTTPS for your website.
To test that everything is working as expected, visit your website in a web browser using the HTTPS protocol. You should see a lock icon indicating that your connection is secure, and no warnings or errors.
Congratulations! You have successfully installed and configured Nginx with Let's Encrypt SSL/TLS certificates using Shell-Bash.