Versions Compared

Version Old Version 1 New Version 2
Changes made by

Gaspar

Gaspar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Certbot - SSL Certificate

Having an SSL certificate ensures a secure connection between users and the server, and that no data is compromised while it is traveling over the internet. This allows users to connect using HTTPS protocol over port 443.

This guide assumes the server already has a domain and the necessary DNS record/s have been created. Also we are assuming Ngnix is installed

  1. Open ports 80 and 443, belonging to HTTP and HTTPS respectively. Port 22 is also required.

  2. Connect via SSH to the server with a user with sudo privileges.

  3. Install Certbot

    Code Block
    sudo snap install --classic certbot

  4. Prepare the Certbot command

    Code Block
    sudo ln -s /snap/bin/certbot /usr/bin/certbot

  5. Generate the certificate, this will also automatically edit the nginx configuration to serve it.

    Code Block
    sudo certbot --nginx

    1. Certbot will ask some questions, like an email to send notifications about certificate renewals.

    2. After the initial questions, Certbot will ask for the domain names to issue the certificate. It will try to access the server over port 80 using the domain name, so the DNS records must be already configured.

  6. Test that Certbot is capable of renewing the certificate, otherwise after a couple of months it will expire and users will lose access to the services.

    Code Block
    sudo certbot renew --dry-run
    image-20241001-222438.pngImage Added

Official installation guide: https://certbot.eff.org/instructions?ws=nginx&os=snap

Official documentation: https://eff-certbot.readthedocs.io/en/stable/