Install Free Ssl Certificate On Ubuntu Nginx

Nov 11, 2019 11:30 AM Apr 24, 2020 5:30 PM Free ssl certificate godaddy

In this tutorial, we are going to install Certbot, and then use it to get a free SSL certificate for Nginx on Ubuntu 18.04. We will also set up this certificate to renew automatically, so you don’t have to spend hours maintaining it. Jun 20, 2020 I am running a Ubuntu 18.04 server on AWS Lightsail, using nginx. I have a purchased SSL certificate for my domain name through the domain registrar ( - I can download the 'certificate' and the 'key' as long strings of text characters/symbols. How do I then 'install' this SSL certificate onto my Nginx server?

In this article I will explain how to add a self-signed SSL certificate to the Nginx server on the Debian/Ubuntu operating system. A self-signed certificate is a certificate created and signed by the same person. This certificate is not signed by a certification authority and is used only for testing on a local server.

After your Certificate is issued by the Certificate Authority, you’re ready to begin installation on your NGINX server. Follow these steps: Step 1: Combine Certificates Into One File The Certificate Authority will email you a zip-archive with several.crt files. You need to link the Certificate issued for your domain with intermediate and root certificates.Read more. Step 3: Edit Virtual Hosts File. Next, you will need to find your NGINX virtual hosts file and add some code to point it to your new SSL certificate. As soon as you have opened your virtual hosts file, create a copy of the existing non-secure server module and paste it below the original. Please Note If you need your site to be accessible.

You can also add a trusted SSL certificate for the local environment in Nginx on Debian/Ubuntu (using root CA). If this instruction seems complicated to you, try a simpler article on how to add a trusted self-signed SSL certificate to Nginx on Debian/Ubuntu, but this solution does not always work.

This instruction was executed on operating systems: Debian 10, Debian 9, Ubuntu 20.10, Ubuntu 20.04, Ubuntu 19.10.

The OpenSSL cryptographic library is often used to create SSL certificates. The openssl package should be in the distribution, but if for some reason it is not there, then let's install it.

Before any software installation, it is recommended to update the list of repository packages by running the command in the terminal:

Install OpenSSL by running the command in the terminal:

Ssl For Free

Now let's create a self-signed SSL certificate with a private key by running the command in the terminal:


  • req is a command that indicates the use of X.509 (certificate signing request management);
  • -x509 is a certificate data management command, indicates the creation of a self-signed certificate;
  • -nodes is a command that skips the use of a passphrase;
  • -days 3650 is a team that sets the certificate validity period in days (we set it to ten years);
  • -newkey rsa: 2048 is a command that generates a new private key using the RSA algorithm with a key length of 2048 bits;
  • -keyout /etc/ssl/private/localhost.key is the path to placing the private key file;
  • -out /etc/ssl/certs/localhost.crt is the path to place the certificate file.

In the process of generating the certificate, several questions will be asked. You can skip them:

Let's enable SSL in the Nginx server configuration. We will specify listening on port 443 (HTTPS) and the path to the certificate and private key files. Edit the server configuration file /etc/nginx/sites-available/default:

Free Ssl Certificate For Wordpress

Save the changes and close the file. Check the configuration for validity by running the command in the terminal:

Now apply the configuration changes by running the command in the terminal:

Let's check that our Nginx server is accessible via the HTTPS protocol by entering the following address in the browser:


Since the certificate we created was not signed by one of the trusted certification authorities of your browser, you will most likely see a warning that your connection is not secure:

Free Ssl Certificate Generator

Do not worry, this is normal. Just add an exception in the browser:

Install Free Ssl Certificate On Ubuntu Nginx Download

Your connection will now be encrypted using the HTTPS protocol. However, a message will still be displayed stating that the connection is not secure — this simply means that the certificate cannot be verified by a trusted certificate authority:

Install Free Ssl Certificate On Ubuntu Nginx File