How to install Let’s Encrypt on Nginx

Everything Linux, A.I, IT News, DataOps, Open Source and more delivered right to you.
"The best Linux newsletter on the web"

Hello, friends. In this post, you will learn how to install Let’s Encrypt on Nginx. This allows us to install certificates and access via HTTPS.

Before we start, we need to have a fully functional domain available.

Install Nginx on Linux

The first thing to do is to install Nginx on your Linux distribution. Almost all distributions have this application packaged in their official repositories.

About Debian, Ubuntu and all members of this family you have to run

sudo apt update
sudo apt install nginx

Regarding the Red Hat family, just run

sudo dnf install nginx

You can then check the status of the service.

sudo systemctl status nginx

The next step is to open ports 80 and 443 on the firewall. The procedure will depend on your Linux distribution.

Install Certbot on Linux

Certbot is a client for easy installation of Let’s Encrypt certificates. This is the recommended method for the tutorial.

In the case of Debian, Ubuntu and family members, certbot is installed as well as its Nginx plugin. So all that remains is to run.

sudo install certbot python3-certbot-nginx

Just like that, we have the client installed.

Regarding RHEL, Rocky Linux and other members of the family, we have to add the EPEL repository.

sudo dnf install epel-release 

And then install certbot without any problems using the command

sudo dnf install certbot python3-certbot-nginx

This way we will have it installed on the system without any problems.

Now, let’s secure Nginx by installing Let’s Encrypt certificates.

how to install Let’s Encrypt on Nginx

Once certbot is installed, the next step is to install the certificates with the following command

sudo certbot --nginx -d domain

This will start the whole process. First type in the site administrator’s email address.

Then accept the license terms and finally the process will continue.

1.- Secure Nginx with Let's Encrypt
1.- Secure Nginx with Let’s Encrypt

When it finishes, you will get an output like this

2.- Let's Encrypt working
2.- Let’s Encrypt working

And you are done.

Renewing the certificate

Nowadays, thanks to the good work of Certbot, the renewal is automatic every 90 days. However, you can run the following command to check for any errors

sudo certbot renew --dry-run
3.- install Let's Encrypt on Nginx
3.- install Let’s Encrypt on Nginx

This indicates that there will be no error when renewing the certificate.

Checking for changes

To find out if the entire process was successful, open a web browser and visit https://your-domain.

4.- Let's Encrypt on Nginx
4.- Let’s Encrypt on Nginx

And see how in the connection section, it indicates that it is secure thanks to Let’s Encrypt.


In this short post, you learned how to secure Nginx with Let’s Encrypt. You can also learn other tutorials with Nginx.

More Nginx tricks

Everything Linux, A.I, IT News, DataOps, Open Source and more delivered right to you.
"The best Linux newsletter on the web"
I am Angelo. A systems engineer passionate about Linux and all open-source software. Although here I'm just another member of the family.



Please enter your comment!
Please enter your name here

Latest articles

Join us on Facebook