Configuring Nginx for HTTPS: A Step-by-Step Guide
In this tutorial, we will walk you through the process of setting up HTTPS on your web server using Let’s Encrypt. We will specifically focus on configuring Nginx as a reverse proxy for your Node.js apps. By the end of this guide, your apps will be served securely using HTTPS instead of the default HTTP.
Here are the steps we will cover:
- Install Certbot and the Certbot Nginx package
- Set up Nginx
- Generate the SSL certificate using Certbot
Install Certbot and the Certbot Nginx package
Before we proceed, make sure you are using a Linux distribution that uses apt-get
as the package manager (e.g., Ubuntu, Debian).
Open your terminal and run the following command to install Certbot and the Certbot Nginx package:
1 | sudo apt-get install certbot python3-certbot-nginx |
Set up Nginx
Next, we need to configure Nginx to use the correct server name. This step is essential for SSL. Open the Nginx configuration file using your preferred text editor. We will use nano
in this example:
1 | sudo nano /etc/nginx/sites-available/default |
Locate the server_name
line and enter your domain name:
1 | server_name my.domain.com; |
Save the changes and exit the text editor. Then, reload Nginx to apply the updated configuration:
1 | sudo systemctl reload nginx |
Make sure your firewall is already set up to accept HTTPS connections. You can check the status of your firewall by running the following command:
1 | sudo ufw status |
You should see Nginx Full
in the list. If you only see Nginx HTTP
, you will need to make the necessary changes. Consult your firewall documentation for instructions.
Generate the SSL certificate using Certbot
Now, it’s time to generate the SSL certificate using Certbot. Run the following command as root, replacing my.domain.com
with your actual domain name:
1 | sudo certbot --nginx -d my.domain.com |
During the process, you will be prompted to enter your email. This email will be used to communicate any issues related to the certificate.
We also recommend choosing the option to automatically redirect HTTP to HTTPS.
That’s it! Your SSL certificate has been generated and configured. The certificates issued by Let’s Encrypt are valid for 90 days, but don’t worry. Certbot is already set up for automated renewal.
To test the renewal process, you can run the following command:
1 | sudo certbot renew --dry-run |
If everything goes well, you will receive a successful message.
Congratulations! You have successfully configured Nginx for HTTPS. Your Node.js apps will now run securely on HTTPS without any additional changes required on your part.