Loading...When it comes to securing your website with HTTPS, Let’s Encrypt’s Certbot is a popular choice due to its free SSL certificates and ease of use. While installing Certbot using Snapd is a common method, it doesn’t always work seamlessly on all systems, especially on older versions like Ubuntu 16.04. This guide provides an alternative method to install Certbot that works reliably on Ubuntu 16.04 with Nginx.
Contents
Prerequisites for installing Certbot on Ubuntu using this method
- A server running Ubuntu 16.04.
- A domain name pointing to your server’s IP address.
- Nginx installed and running.
Step 1: Install Certbot
First, we need to add the Certbot repository. Open your terminal and run the following commands:
sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
Now, install Certbot:
sudo apt-get install certbot python-certbot-nginx
Step 2: Configure Nginx
Certbot needs to interact with Nginx to verify the domain and configure the SSL certificate. Ensure your Nginx configuration file has the correct server block.
Open your Nginx configuration file. Typically, it is located in /etc/nginx/sites-available/your_domain or /etc/nginx/sites-enabled/your_domain.
Here is an example configuration:
server {
listen 80;
server_name your_domain.com www.your_domain.com;
location / {
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Replace your_domain.com with your actual domain name. Save and close the file.
Then, test the Nginx configuration and reload it:
sudo nginx -t
sudo systemctl reload nginx
Step 3: Obtain the SSL Certificate
Now, run Certbot with the Nginx plugin to obtain and install the SSL certificate:
sudo certbot --nginx -d your_domain.com -d www.your_domain.com
Certbot will automatically obtain and install the SSL certificate. You will be prompted to enter your email address and agree to the terms and conditions.
Certbot will then ask if you want to redirect HTTP traffic to HTTPS. It is recommended to choose 2 to redirect all traffic to HTTPS.
Step 4: Verify your LetsEncrypt SSL Certificate
After Certbot completes, you can verify the SSL certificate installation by visiting your site in a web browser at https://your_domain.com. You should see a padlock icon in the address bar, indicating that the site is secure.
Step 5: Automatic Renewal
Let’s Encrypt certificates are valid for 90 days, but Certbot will automatically renew them. To ensure this, Certbot installs a cron job that runs twice a day and renews any certificate within 30 days of expiration.
To check the renewal process, you can run:
sudo certbot renew --dry-run
This will simulate the renewal process and report any issues.
Congratulations, you have successfully installed a Let’s Encrypt SSL certificate using Certbot on Ubuntu 16.04 with Nginx. Your website is now secured with HTTPS, and Certbot will handle automatic renewals.