
AkshayG999/ssl_certification_nginx

title: Complete Guide to SSL Certificate Installation with Nginx | HTTPS Setup Tutorial
description: Step-by-step tutorial on setting up SSL/TLS certificates with Nginx. Learn how to secure your website with HTTPS, configure Nginx as a reverse proxy, and automate certificate renewal with Certbot.
keywords: ssl certificate, nginx https, tls setup, certbot nginx, secure website, https configuration, ssl installation, web security, free ssl, let's encrypt, reverse proxy

SSL Certification and HTTPS Configuration Guide for Nginx

This comprehensive guide walks you through setting up SSL/TLS certificates on Nginx to secure your website with HTTPS, ensuring data encryption and better search engine rankings.

Install Nginx

sudo apt update && sudo apt install nginx
  1. Navigate to the Nginx sites-available directory:

     cd /etc/nginx/sites-available
    
  2. Edit the default file:

     sudo nano default
    



  3. Add your domain after server_name: Inside the server block in the default file, you’ll find a line starting with server_name. Put your domain name after server_name on that line, and use a location block to proxy requests to the backend server running on localhost port 8080. For example:

     server_name example.com;

     location / {
         proxy_pass http://localhost:8080;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
     }

  1. Check Nginx Configuration:

    sudo nginx -t
    
    • This command checks the syntax of your Nginx configuration files for any errors.
  2. Reload Nginx:

    sudo systemctl reload nginx
    
    • This command reloads Nginx to apply any configuration changes made.
  3. Check Firewall Status:

    sudo ufw status 
    
    • This command checks the status of the Uncomplicated Firewall (UFW) to see which rules are applied.
  4. Delete Nginx HTTP Rule:

    sudo ufw delete allow 'Nginx HTTP' 
    
    • This command removes the rule allowing HTTP traffic to Nginx.
  5. Enable UFW:

    sudo ufw enable
    
    • This command enables the UFW firewall if it’s not already enabled.
  6. Allow SSH Access (Optional):

    sudo ufw allow 22 
    
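    • This command allows SSH traffic on port 22, which is necessary for remote access to the server. If you manage the server over SSH, add this rule before enabling UFW in step 5; otherwise the firewall will block new SSH connections.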
  7. Allow Nginx Full (HTTP and HTTPS):

    sudo ufw allow 'Nginx Full' 
    
    • This command allows both HTTP and HTTPS traffic to Nginx.
  8. Ensure Backend is Running:

    • Make sure your backend (likely your web application or server) is running before proceeding to the next step. This is important because Certbot will attempt to verify your domain’s ownership by accessing it over HTTP.
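  9. Install Certbot First:

    sudo apt install software-properties-common
    sudo add-apt-repository universe
    sudo add-apt-repository ppa:certbot/certbot

    • On current Ubuntu releases the certbot and python3-certbot-nginx packages are available from the universe repository and the certbot PPA is deprecated, so the ppa line can be skipped there.
    • Install Certbot: Once the repository is added, install Certbot's package using apt:

      sudo apt install certbot python3-certbot-nginx

    • Verify the installation:

      certbot --version
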
  10. Obtain SSL Certificate with Certbot:

    sudo certbot --nginx -d <domain name or sub domain> 
    
    • This command uses Certbot to obtain an SSL certificate for your domain using the nginx plugin. Replace <domain name or sub domain> with your actual domain name or subdomain.

SSL Certificate Benefits and Best Practices

Why SSL Matters

  • Enhanced Security: Encrypts data transmitted between users and your website
  • Builds User Trust: Shows visitors their data is protected
  • SEO Advantage: Google ranks HTTPS sites higher in search results
  • Browser Compatibility: Avoids "Not Secure" warnings in modern browsers
  • Compliance: Helps meet data protection requirements (GDPR, PCI DSS)

SSL Certificate Management

  • Auto-renewal: Let's Encrypt certificates must be renewed every 90 days
  • Test that renewal works with: sudo certbot renew --dry-run (a dry run exercises the renewal process without saving any certificates)
  • Add to crontab: 0 3 * * * /usr/bin/certbot renew --quiet

Troubleshooting Common SSL Issues

  1. Certificate Not Trusted: Ensure complete certificate chain installation
  2. Mixed Content Warnings: Update all resources to use HTTPS
  3. Certificate Mismatch: Verify domain name matches certificate
  4. Renewal Failures: Check DNS configuration and firewall settings
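
The renewal, mismatch and trust items from the management and troubleshooting lists above can be checked locally against a certificate file with the openssl CLI. This is an added example, not part of the repository; the function names and the 30-day threshold are assumptions, and the sample certificate is a throwaway generated for the demonstration.

```shell
#!/bin/sh
# Added example (not from the repository): local certificate checks with openssl.

# Succeeds if the certificate in $1 is still valid $2 days from now.
cert_valid_for_days() {
    openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null
}

# Succeeds if the certificate in $1 covers hostname $2.
cert_matches_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" | grep -q 'does match certificate'
}

# Succeeds if issuer and subject are identical (self-signed, so browsers
# will not trust it).
cert_is_self_issued() {
    [ "$(openssl x509 -in "$1" -noout -subject_hash)" = \
      "$(openssl x509 -in "$1" -noout -issuer_hash)" ]
}

# Prints one line per finding; the return status is the number of findings.
check_cert() {
    pem=$1; host=$2; min_days=${3:-30}; findings=0
    cert_valid_for_days "$pem" "$min_days" ||
        { echo "RENEW: expires within $min_days days"; findings=$((findings + 1)); }
    cert_matches_host "$pem" "$host" ||
        { echo "MISMATCH: certificate does not cover $host"; findings=$((findings + 1)); }
    if cert_is_self_issued "$pem"; then
        echo "UNTRUSTED: self-signed certificate"; findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample: a throwaway self-signed certificate for example.com.
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
openssl req -x509 -newkey rsa:2048 -nodes -days 365 -subj "/CN=example.com" \
    -keyout "$SAMPLE_DIR/key.pem" -out "$SAMPLE_DIR/cert.pem" 2>/dev/null

# On a server, point check_cert at /etc/letsencrypt/live/<domain>/fullchain.pem.
check_cert "$SAMPLE_DIR/cert.pem" example.com 30 || echo "findings: $?"
```

A certificate issued by Certbot for the right domain and renewed on schedule produces no findings and a return status of 0.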

For more information on SSL/TLS, visit Let's Encrypt or Mozilla SSL Configuration Generator.

openssl command

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
HTTPS=true SSL_KEY=key.pem SSL_CERT=cert.pem python main.py

About

SSL certification using Nginx and certBot
