Adding a free SSL Certificate to an Nginx Site Using Certbot

Adding a free SSL Certificate to an Nginx Site Using Certbot

Securing Your Nginx Site: A Step-by-Step Guide to Installing Free SSL with Certbot


In today's digital world, security is paramount, especially when it comes to transmitting sensitive information over the internet. One of the most effective ways to secure your website is by using an SSL certificate. In this blog post, we will guide you through the process of adding an SSL certificate to your Nginx site using Certbot, a free and open-source tool for managing SSL certificates.

What is SSL and Why is it Important?

SSL (Secure Sockets Layer) is a security protocol that encrypts the data transmitted between a user's web browser and the web server. This encryption ensures that the data remains private and secure, protecting it from being intercepted by malicious actors.

Having an SSL certificate installed on your website not only helps protect your users' data but also improves your website's trustworthiness and search engine ranking. With the rise of cybersecurity threats, having an SSL certificate has become necessary for all websites.


Before we begin, make sure you have the following:

  • A domain name pointing to your server's IP address.

  • Nginx installed on your server.

  • sudo access to your server.

Step 1: Install Certbot

Certbot is available in the default Ubuntu repositories. You can install it using the following commands:

sudo apt update
sudo apt install certbot python3-certbot-nginx

Step 2: Obtain an SSL Certificate

To obtain an SSL certificate for your domain, run the following command:

sudo certbot --nginx -d

Replace with your domain name. Certbot will automatically detect your Nginx configuration and update it to use the SSL certificate.

Step 3: Configure Nginx to Use the SSL Certificate

Certbot automatically updates your Nginx configuration to use the SSL certificate. You can verify this by checking your Nginx configuration file (usually located at /etc/nginx/sites-available/default or /etc/nginx/nginx.conf). You should see lines similar to the following:

server {
    listen 443 ssl;

    ssl_certificate /etc/letsencrypt/live/;
    ssl_certificate_key /etc/letsencrypt/live/;


Step 4: Test the Configuration and Restart Nginx

Before you restart Nginx, it's important to test the configuration to ensure there are no syntax errors. You can do this by running:

sudo nginx -t

If the test is successful, restart Nginx to apply the changes:

sudo systemctl restart nginx

Step 5: Verify the SSL Certificate

To verify that your SSL certificate is installed correctly, visit your website using https:// in your web browser. You should see a padlock icon indicating that your connection is secure.

Step 6: Automate Certificate Renewal (Optional)

SSL certificates expire after a certain period, so automating the renewal process is important. Certbot automatically sets up a cron job to renew your certificates. You can test the renewal process with the following command:

sudo certbot renew --dry-run
In this blog post, we've covered how to add an SSL certificate to your Nginx site using Certbot. By following these steps, you can secure your website and protect your users' data. Remember to renew your SSL certificate to ensure continuous protection regularly.

Did you find this article valuable?

Support ByteScrum Technologies by becoming a sponsor. Any amount is appreciated!