Complete Guide to the Installation and Configuration of https ssl with nginx on debian 10 – idubir

1. Update the system

Always do the system update before the new package installation.

sudo apt update && sudo apt upgrade -y

2. Install Nginx

If Nginx has not been installed, install with the following command:

sudo apt install nginx -y

After the installation, activate and start the Nginx service:

sudo systemctl enable nginx
sudo systemctl start nginx

3. Open the HTTP Port (80) and HTTPS (443)

Make sure the firewall is open to HTTP and HTTPS.

sudo ufw allow 'Nginx Full'

Check the Firewall status:

sudo ufw status

4. Install Certbot and Nginx plugin

Certbot is a tool used to obtain and manage SSL certificates from Let’s Encrypt.

Install Certbot and Nginx Plugin:

sudo apt install certbot python3-certbot-nginx -y

5. Nginx Virtual Host Configuration

Create a new configuration file for your domain or adjust the existing configuration.

sudo nano /etc/nginx/sites-available/nama_virtualhost

Add the following configuration for your domain:

server {
listen 80;
server_name _;
root /home/tjkt/html;
index index.html index.htm index.nginx-debian.html index.php;
location / {
try_files $uri $uri/ =404;
}
}

Save the file and exit the editor.

Activate a virtual host configuration by creating a symbolic link to the directory sites-enabled:

sudo ln -s /etc/nginx/sites-available/nama_virtualhost /etc/nginx/sites-enabled/

Nginx configuration verification to ensure there are no errors:

sudo nginx -t

If there are no errors, restart nginx:

sudo systemctl restart nginx

6. Get a SSL certificate

Now, run the Certbot to get an SSL certificate and configure Nginx automatically.

Use the following command:

sudo certbot --nginx -d nama_virtualhost -d nama_virtualhost

The above command asks for a SSL certificate for your domain and subdomain www. Follow the instructions that appear on the screen.

If successful, you will see a message that confirms that the SSL certificate has been obtained and Nginx has been reconfigured.

7. Verification of SSL certificates

After the SSL certificate is successfully applied, verify by opening a browser and accessing your domain using https://ip_address. If SSL functions, the lecture icon will appear in the address blade.

8. Automatic SSL Certificate Update Settings

The certificate from Let’s Encrypt is valid for 90 days, so you need to rely on it regularly. Certbot provides an option to update the certificate automatically.

To test automatic updates, run the following command:

sudo certbot renew --dry-run

If there is no problem, Certbot will update the certificate automatically before the validity period runs out.

9. Set HTTP Redirect to HTTPS (Optional)

To ensure that all traffic is transferred to https, you can edit the Nginx configuration file:

sudo nano /etc/nginx/sites-available/nama_virtualhost

Add the following block to the top of the configuration file:

server {
listen 80;
server_name _;
return 301 https://$host$request_uri;
}

Save and exit the editor, then restart nginx:

sudo systemctl restart nginx

Cover

By following the complete guide to the installation and configuration of https ssl with nginx on debian 10, you have successfully installed and configuration https ssl with nginx on debian 10. Thus this guide is made, hopefully this guide is useful for you!

Also read articles about: Nginx Web Server Installation and Configuration Guide on Debian 10