Install and configure free Let’s Encrypt SSL certificates

by Prasad Domala
0 comment

In this blog you can find the commands I used in the video explaining installation and configuration of Let’s Encrypt Certificates. Please watch the video for a detailed explanation and demo.

Let's Encrypt installation & configuration

Edit Nginx configuration to allow /.well-known/acme-challenge

vim /etc/nginx/sites-available/default
# Add below section
location ^~ /.well-known/acme-challenge/ {
  allow all;
# Save and reload nginx
service nginx reload 

Install GIT and clone Certbot repository under /opt (or any directory of your choice)

sudo apt install -y git
cd /opt
git clone 

Create certificates for your domain using certbot-auto. Make sure you change your domain name, email address and domain root accordingly

cd /opt/certbot
./certbot-auto certonly --webroot -w /var/www/html -d --non-interactive --agree-tos --email 

Edit Nginx configuration to enable SSL and add new Let’s Encrypt Certificates. Change the certificate path based on your domain name

vim /etc/nginx/sites-available/default
# Add below lines to the configuration and reload nginx
listen 443 ssl default_server;
ssl_certificate    /etc/letsencrypt/live/;
ssl_certificate_key    /etc/letsencrypt/live/;
service nginx reload 

Certificate renewal

cd /opt/certbot
./certbot-auto renew --webroot -w /var/www/html --force-renewal 

Leave a Comment