Using SSL (Secure Sockets Layer) certificates to secure your web apps/services is essential in the modern digital environment to safeguard sensitive data and maintain user confidence. This article will walk you through the process of installing SSL certificates for each application using distinct server blocks if you're running numerous applications on an Ubuntu server configures with Nginx.
*System package updates
On Ubuntu computers, this is a recommended procedure.
Run the following commands to verify that your system is up to date:
sudo apt update sudo apt upgrade
*Configure the Certbot Nginx Plugin
Now, use the Certbot and the Nginx plugin to streamline the SSL certificate installation process. Use the following command to install the Certbot Nginx plugin:
sudo apt install python3-certbot-nginx
*Configure Nginx Server Blocks
Assuming you have already set up your server blocks for each application in the Nginx configuration directory (usually located at /etc/nginx/sites-available/), make sure you have the necessary server blocks for your applications. Each server block should define the server name, port, root directory, and other relevant configuration options.
PS: I've already done this; I may just churn out another article for this process
*Obtain SSL certificates
Let's use the Certbot Nginx plugin to get SSL certificates for each of your applications right away. Run the following command, substituting your real domain names for example.com:
sudo certbot --nginx -d example1.com -d www.example2.com
Note: This command will automatically detect your Nginx server blocks and configure SSL certificates for each domain.
*Test to Obtain SSL Certificates Renewal of SSL Certificate
In order to guarantee that your SSL certificates are always current, Certbot offers an auto-renewal feature. Use the next command to test the renewal procedure:
sudo certbot renew --dry-run
Note: You must get a successful test renewal log like this to be sure the periodic renewal will work for you.
At this stage, you should receive a confirmation email from Certbot on the email address you specified for receiving updates for renewals and security notices.
You might get an error response when you try to obtain the certificates using certbot if you install using this command:
sudo apt install certbot
_Saving debug log to /var/log/letsencrypt/letsencrypt.log
The requested nginx plugin does not appear to be installed
To fix this, use the command on the step for configure the Certbot Nginx Plugin stated previously