Add SSL Certificate to your Website (nginx server)
There are some reason you should add SSL Certificate to you server:
- It’s safer
- If your front-end is using SSL, your backend should also using SSL
- …
There are some requirements that you have to prepare before adding SSL certificate to your server:
- You have to have a domain name
- That domain has to point to your IP
- (This is article is tested with nginx webserver, haven’t test with others)
Step 1: Setup your firewall
In this example I’m using Uncomplicated Firewall (ufw)
- Install ufw:
sudo apt update
sudo apt install ufw
- Setting firewall:
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https
- Enable and check it’s status:
sudo ufw enable
sudo ufw status
Step 2: Install Snap and CertBot
- Install Snap:
sudo apt update
sudo apt install snapd
sudo snap install core
sudo snap refresh core
- Install CertBot:
sudo apt remove certbot #remove previous version
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
Step 3: Using CertBot to add certificate:
Run below command and answer a series question to get the certificate:
sudo certbot --nginx
=> DONE! Now you can access your domain with https
Step 4: Checking the details
Basicly CertBot will create for you a SSL certification and create an server proxy that accept these certification.
You can check it at: ```cat /etc/nginx/sites-available/default```
The privkey.pem and fullchain.pem, you can use for another https methods.
ref: https://www.linode.com/docs/guides/enabling-https-using-certbot-with-nginx-on-ubuntu/