Categories
Uncategorized

Setup SSL Certificate on Ubuntu

If you are hosting a website or web application on a ubuntu webserver and want to secure it with a ssl certificate, just follow the steps below. This tutorial got tested on Ubuntu 16.04 with Nginx.

Step 1 – Installing certbot

sudo apt-get install certbot
sudo apt-get update
sudo apt-get install python-certbot-nginx

Step 2 – Allowing HTTPS through the firewall

Check the current settings with

sudo ufw status

If you didn’t changed anything before, it should look like this

Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere                  
Nginx HTTP                 ALLOW       Anywhere                  
OpenSSH (v6)               ALLOW       Anywhere (v6)             
Nginx HTTP (v6)            ALLOW       Anywhere (v6)

Allow the Nginx Full profile and delete the redundant Nginx HTTP profile

sudo ufw allow 'Nginx Full'
sudo ufw delete allow 'Nginx HTTP'

Check it again

sudo ufw status

Now it should look like this

Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
Nginx Full                 ALLOW       Anywhere
OpenSSH (v6)               ALLOW       Anywhere (v6)
Nginx Full (v6)            ALLOW       Anywhere (v6)

Step 3 – Obtain an SSL certificate

sudo certbot --nginx -d example.com -d www.example.com

Go through the configuration with your prefered settings.

Step 4 – Verify certbot auto renewal

sudo certbot renew --dry-run

If all steps were successfull you can check the SSL test, it will provide you an A grade.

Leave a Reply

Your email address will not be published. Required fields are marked *