Add SSL Certificate to your Website (nginx server)

There are some reason you should add SSL Certificate to you server:

• It’s safer
• If your front-end is using SSL, your backend should also using SSL
• …

There are some requirements that you have to prepare before adding SSL certificate to your server:

• You have to have a domain name
• That domain has to point to your IP
• (This is article is tested with nginx webserver, haven’t test with others)

Step 1: Setup your firewall

In this example I’m using Uncomplicated Firewall (ufw)

• Install ufw:

sudo apt update
sudo apt install ufw

• Setting firewall:

sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https

• Enable and check it’s status:

sudo ufw enable
sudo ufw status

Step 2: Install Snap and CertBot

• Install Snap:

sudo apt update
sudo apt install snapd
sudo snap install core
sudo snap refresh core

• Install CertBot:

sudo apt remove certbot #remove previous version 
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot

Step 3: Using CertBot to add certificate:

Run below command and answer a series question to get the certificate:

sudo certbot --nginx

=> DONE! Now you can access your domain with https

Step 4: Checking the details

Basicly CertBot will create for you a SSL certification and create an server proxy that accept these certification.

You can check it at: ```cat /etc/nginx/sites-available/default```

default (nginx)

The privkey.pem and fullchain.pem, you can use for another https methods.

ref: https://www.linode.com/docs/guides/enabling-https-using-certbot-with-nginx-on-ubuntu/