Today we will look into the ways to enable SSL on a site of mine hosted on a cloud vendor. SSL is very important for all the sites I believe nowadays, previously it used to be considered vital if you have payment integration or to have SSL on login pages. Now, even Google will soon start tagging non-SSL sites as non-secure.
The site where we will be enabling SSL has Nginx as proxy frontend web server, and the OS it is on is Ubuntu 16.04 LTS. We will be using LetsEncrypt which is a free CA (Certificate Authority) provider to enable SSL or HTTPS on any site. We will use Certbot utility to obtain the required certificate.
First, add the repository:
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
Now, install Certbot utility by running the following command,
sudo apt-get install python-certbot-nginx
Certbot will take care of automatically configuring SSL for Nginx. What one has to make sure for Certbot to configure is to have a right server block in Nginx config, and to be specific the server_name directive. You can find the config normally in the path,
/etc/nginx/sites-available/example where example is a dummy name we have, you could have some other name. Open, the config, and you should find or add the following line if you are generating SSL for example.com and www.example.com.
server_name example.com www.example.com;
save the file and run the command to test if all the config is fine,
sudo nginx -t
If no errors and all good, than reload nginx,
sudo systemctl reload nginx
Now to obtain the certificate, run the following command,
sudo certbot --nginx -d example.com -d www.example.com
It will take you through steps, such as administrative email and if redirection is needed, chose accordingly.
If everything is ok, it should say that certificate has been created successfully, and in this case you could visit your site and it should have https enabled.