Skip to content

How to Enable HTTPS on Nginx with Let's Encrypt (Free SSL)

DodaTech 1 min read

In this tutorial, you'll learn about How to Enable HTTPS on Nginx with Let's Encrypt (Free SSL). We cover key concepts, practical examples, and best practices.

The Problem

Your Nginx site runs on HTTP. You need HTTPS with a valid certificate. Let's Encrypt provides free certificates with automatic renewal.

Quick Fix

1. Install Certbot

# Ubuntu/Debian
sudo apt update
sudo apt install certbot python3-certbot-nginx

2. Get and install a certificate

sudo certbot --nginx -d example.com -d www.example.com

Expected output:

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/example.com/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/example.com/privkey.pem

Certbot automatically modifies your Nginx config to redirect HTTP to HTTPS.

3. Verify auto-renewal

sudo certbot renew --dry-run

Expected output:

Congratulations, all renewals succeeded.

Certbot adds a systemd timer that runs twice daily and auto-renews certificates expiring within 30 days.

4. Check your site

Visit https://example.com — you should see the padlock icon in the address bar.

Manual Renewal

sudo certbot renew

Troubleshooting

Issue Fix
DNS lookup failed Domain must point to your server's IP first
Cert only covers one domain Run with -d domain1.com -d domain2.com
Certificate about to expire Run sudo certbot renew manually

Built by the developers of DodaTech

Doda Browser, DodaZIP & Durga Antivirus Pro