Here are the steps to install SSL by Let’s Encrypt on an Ubuntu server for reverse proxy Nginx:

  1. Install Certbot:
sudo apt-get update
sudo apt-get install certbot python3-certbot-nginx
  1. Modify Nginx configuration file:
sudo nano /etc/nginx/sites-available/

Replace with your domain name.

Add the following lines to the server block:

location ~ /.well-known/acme-challenge {
    allow all;
    root /var/www/html;

Save and exit the file.

  1. Test Nginx configuration:
sudo nginx -t

If the configuration is successful, restart Nginx:

sudo systemctl reload nginx
  1. Obtain SSL certificate:
sudo certbot --nginx -d -d

Replace with your domain name.

Follow the prompts to enter your email address and agree to the terms of service. Certbot will automatically update your Nginx configuration file to include SSL.

  1. Test SSL:

Visit your website using https:// instead of http://. Your browser should show a padlock icon indicating that the connection is secure.

That’s it! Your website is now protected with SSL. Certbot will automatically renew your SSL certificate before it expires.

sudo certbot renew --dry-run

This will check if the renewal process is working without actually renewing the certificates. If everything works fine, you can set up the cron job using the following command:

sudo crontab -e

And then add the following line to run the renewal check twice daily at 3.30am and 3.30pm:

30 3,15 * * * /usr/bin/certbot renew >> /var/log/letsencrypt/renew.log

That’s it! You have successfully created Let’s Encrypt SSL for NGINX reverse proxy in Ubuntu.

Leave a Reply

Your email address will not be published. Required fields are marked *