Get and install Let’s Encrypt SSL on Nginx Ubuntu 14.04.4 LTS

By | 01/06/2016

Installing LetsEncrypt
First You need to run commands below.

sudo apt-get update
sudo apt-get -y install git bc
sudo git clone /opt/letsencrypt

Run this once and complete installation.


Configuring default website for webroot plugin
To use webroot plugin need to edit default website config and change location block. Letsencrypt use this site as validation.

sudo vi /etc/nginx/sites-available/default
location ~ /.well-known 
                allow all;

Reload nginx configuration.

sudo service nginx reload

Then you can request and create your certificate.

Getting Certificate
Following command creates your certifcate files. You need to change webroot-path and domain name with yours. webroot path should be your default website’s home directory.

cd /opt/letsencrypt
./letsencrypt-auto certonly -a webroot --webroot-path=/usr/share/nginx/html -d -d

Follow wizard and complete steps.

After this Letsencrypt creates links of certificate files in /etc/letsencrypt/live/ folder.

Configure Nginx

add following lines to server block of your website configuration file listen 443 and use your ssl files.

    listen 443 ssl;
    ssl on;
    ssl_certificate         /etc/letsencrypt/live/;
    ssl_certificate_key     /etc/letsencrypt/live/;
    ssl_trusted_certificate /etc/letsencrypt/live/;

Renewing Certificate

Your certificate will be expire in 3 months. You can renew your certificates. If you want create a crontab and renew your certificates automaticly.

/opt/letsencrypt/letsencrypt-auto renew
sudo service nginx reload