📜  ubuntu certbot nginx - Shell-Bash (1)

📅  Last modified: 2023-12-03 15:20:44.169000             🧑  Author: Mango

Ubuntu, Certbot, and Nginx

Introduction

If you're setting up a website or application on a server, you'll need to configure a web server such as Nginx to handle incoming requests. And if you're handling sensitive data, you'll want to ensure that all traffic to and from your server is encrypted using SSL/TLS.

Luckily, Certbot is an easy-to-use tool, available on Ubuntu with an Nginx plugin, that can handle SSL/TLS certificate management for you.

In this tutorial, we'll cover how to install and use Certbot with Nginx on Ubuntu.

Prerequisites

Before we begin, you'll need to have:

  • A server running Ubuntu 18.04 or later
  • A domain name pointing to your server's IP address
  • A non-root user with sudo privileges

Step 1: Install Nginx

First, we'll install Nginx using the apt package manager:

sudo apt update
sudo apt install nginx

Once Nginx is installed, you can verify that it's running with the following command:

sudo systemctl status nginx

You should see output indicating that the Nginx service is active and running.

Step 2: Install Certbot

Now, we'll install Certbot. Ubuntu has a package for Certbot, but it's often outdated. To ensure we have the latest version, we'll use Certbot's official PPA:

sudo add-apt-repository ppa:certbot/certbot
sudo apt update
sudo apt install certbot python3-certbot-nginx

This will install both Certbot and the Certbot Nginx plugin.

Step 3: Configuring Nginx

Next, we'll configure Nginx to serve our website and enable HTTPS.

Create a new server block file for your domain under the /etc/nginx/sites-available/ directory:

sudo nano /etc/nginx/sites-available/example.com

Replace example.com with your own domain name.

In this file, add the following configuration block:

server {
    listen 80;
    listen [::]:80;

    server_name example.com;

    location / {
        return 301 https://$server_name$request_uri;
    }
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name example.com;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    root /var/www/example.com/html;
    index index.html;

    location / {
        try_files $uri $uri/ =404;
    }
}

Replace all instances of example.com with your own domain name.

Save and exit the file.

Now, create a symbolic link to this file in the sites-enabled directory:

sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/

Step 4: Obtaining a TLS Certificate with Certbot

With Nginx configured, we can now use Certbot to obtain a TLS certificate.

Run the following command to obtain a certificate using the Certbot Nginx plugin:

sudo certbot --nginx

This will start an interactive process in which you'll be prompted for your domain and contact information.

If everything goes well, Certbot will obtain a certificate and automatically configure Nginx to use HTTPS.

Step 5: Test HTTPS Access

Finally, test that HTTPS is working by opening your website in a web browser using https:// instead of http://.

If you're able to access your website over HTTPS without any errors, then you've successfully set up Certbot with Nginx on Ubuntu!
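The HTTPS server block from Step 3 names certificate files that do not exist until Certbot has issued them, and nginx will not load a configuration whose ssl_certificate files are missing. The shell check below is an added example, not part of the original tutorial: it lists the TLS files a server block references that are missing, and private keys readable by group or other. The function names tls_paths and check_tls_files and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original tutorial. Run it as root against the
# real file: /etc/letsencrypt/live is normally readable only by root.

# Print "<directive> <path>" for each TLS file directive in nginx config $1.
tls_paths() {
    sed 's/#.*//' "$1" | awk '
        $1 == "ssl_certificate" || $1 == "ssl_certificate_key" {
            sub(/;$/, "", $2); print $1, $2
        }'
}

# Report files nginx could not load and private keys readable by group/other.
# Prints one finding per line; returns 0 when clean, 1 otherwise.
check_tls_files() {
    findings=$(tls_paths "$1" | while read -r directive path; do
        if [ ! -e "$path" ]; then
            echo "MISSING $directive $path"
        elif [ "$directive" = "ssl_certificate_key" ]; then
            # Characters 5-10 of `ls -l` are the group and other permission bits.
            perms=$(ls -lLd "$path" | cut -c5-10)
            [ "$perms" = "------" ] || echo "PERMS $directive $path ($perms)"
        fi
    done)
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample: the HTTPS server block from Step 3, pointed at a scratch
# directory that stands in for /etc/letsencrypt/live/example.com.
demo() {
    dir=$(mktemp -d)
    cat > "$dir/example.com" <<EOF
server {
    listen 443 ssl http2;
    server_name example.com;
    ssl_certificate $dir/fullchain.pem;
    ssl_certificate_key $dir/privkey.pem;
}
EOF
    echo "before issuance:";    check_tls_files "$dir/example.com" || true
    touch "$dir/fullchain.pem" "$dir/privkey.pem"; chmod 644 "$dir/privkey.pem"
    echo "key world-readable:"; check_tls_files "$dir/example.com" || true
    chmod 600 "$dir/privkey.pem"
    echo "after chmod 600:";    check_tls_files "$dir/example.com" && echo "clean"
    rm -rf "$dir"
}
demo
```

On a real server, call check_tls_files /etc/nginx/sites-available/example.com before sudo nginx -t; a MISSING line means the 443 block cannot load yet.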