/

Configuring Nginx for HTTPS: A Step-by-Step Guide

Configuring Nginx for HTTPS: A Step-by-Step Guide

In this tutorial, we will walk you through the process of setting up HTTPS on your web server using Let’s Encrypt. We will specifically focus on configuring Nginx as a reverse proxy for your Node.js apps. By the end of this guide, your apps will be served securely using HTTPS instead of the default HTTP.

Here are the steps we will cover:

  1. Install Certbot and the Certbot Nginx package
  2. Set up Nginx
  3. Generate the SSL certificate using Certbot

Install Certbot and the Certbot Nginx package

Before we proceed, make sure you are using a Linux distribution that uses apt-get as the package manager (e.g., Ubuntu, Debian).

Open your terminal and run the following command to install Certbot and the Certbot Nginx package:

1
sudo apt-get install certbot python3-certbot-nginx

Set up Nginx

Next, we need to configure Nginx to use the correct server name. This step is essential for SSL. Open the Nginx configuration file using your preferred text editor. We will use nano in this example:

1
sudo nano /etc/nginx/sites-available/default

Locate the server_name line and enter your domain name:

1
server_name my.domain.com;

Save the changes and exit the text editor. Then, reload Nginx to apply the updated configuration:

1
sudo systemctl reload nginx

Make sure your firewall is already set up to accept HTTPS connections. You can check the status of your firewall by running the following command:

1
sudo ufw status

You should see Nginx Full in the list. If you only see Nginx HTTP, you will need to make the necessary changes. Consult your firewall documentation for instructions.

Generate the SSL certificate using Certbot

Now, it’s time to generate the SSL certificate using Certbot. Run the following command as root, replacing my.domain.com with your actual domain name:

1
sudo certbot --nginx -d my.domain.com

During the process, you will be prompted to enter your email. This email will be used to communicate any issues related to the certificate.

We also recommend choosing the option to automatically redirect HTTP to HTTPS.

That’s it! Your SSL certificate has been generated and configured. The certificates issued by Let’s Encrypt are valid for 90 days, but don’t worry. Certbot is already set up for automated renewal.

To test the renewal process, you can run the following command:

1
sudo certbot renew --dry-run

If everything goes well, you will receive a successful message.

Congratulations! You have successfully configured Nginx for HTTPS. Your Node.js apps will now run securely on HTTPS without any additional changes required on your part.