How to Install Let's Encrypt SSL Cert With Ubuntu & Nginx

In this tutorial, we will install a new Let's Encrypt certificate using Certbot on an Ubuntu machine running an Nginx HTTP server.

 

Install snapd

The easiest way to install Cerbot is with the snapd package manager. Let's make sure it is installed and up-to-date using the following command:

 

sudo snap install core; sudo snap refresh core

 

Install Certbot

Now let's install Certbot for Nginx VIA snapd with the following command:

 

sudo snap install --classic certbot

 

Let's create a symbolic link for the certbot command so we don't need to execute it VIA its full path every time.

 

sudo ln -s /snap/bin/certbot /usr/bin/certbot

 

Install Certificates

To install certificates and automatically configure your Nginx config files to redirect traffic to HTTPS use the following command:

 

sudo certbot --nginx

 

If you just want certificates and intend to configure your Nginx config files manually use the certbot certonly command like this:

 

sudo certbot certonly --nginx

 

Follow the on-screen instructions to create a cert.

 

Test Auto-Renewal

Certbot will automatically renew certs when required. To test this feature is working run:

 

sudo certbot renew --dry-run
Congratulations, all simulated renewals succeeded:
/etc/letsencrypt/live/example.com/fullchain.pem (success)
/etc/letsencrypt/live/example2.com/fullchain.pem (success)

 

It's a good idea to test the auto-renew for the peace of mind of knowing it will work.