Here’s a clear, practical way to add SSL (HTTPS) to a server on Ubuntu. The most common and easiest method is using Certbot with Let's Encrypt (free SSL certificates).
🔒 Method 1: Use Let’s Encrypt (Recommended)
1. Update your system
sudo apt update
sudo apt upgrade -y
2. Install Certbot
For Nginx:
sudo apt install certbot python3-certbot-nginx -y
For Apache:
sudo apt install certbot python3-certbot-apache -y
3. Get SSL certificate
Nginx:
sudo certbot --nginx
Apache:
sudo certbot --apache
You’ll be prompted to:
- Enter your email
- Agree to terms
- Choose your domain
- Optionally redirect HTTP → HTTPS (choose YES)
4. Verify SSL
Open your site:
https://yourdomain.com
5. Auto-renew SSL
Let’s Encrypt certs expire every 90 days, but auto-renew is usually set up automatically.
Test it:
sudo certbot renew --dry-run
⚙️ Method 2: Manual (Advanced / Custom setups)
If you're not using Apache/Nginx automation:
Generate certificate:
sudo certbot certonly --standalone -d yourdomain.com
Certificates will be stored in:
/etc/letsencrypt/live/yourdomain.com/
Then configure your server manually with:
-
fullchain.pem -
privkey.pem
📌 Common Requirements
Make sure:
- Your domain points to your server (DNS configured)
- Ports are open:
sudo ufw allow 80
sudo ufw allow 443
🧠 Quick Troubleshooting
- If Certbot fails → check DNS propagation
- If port 80 is busy → stop conflicting services:
sudo systemctl stop nginxNotes:$ apt install apache2 openssl
$ a2enmod ssl
$ systemctl restart apache2
$ apt install certbot python3-certbot-apache
$ certbot --apache
No comments:
Post a Comment