Tech Incent

How to add SSL certificate in AWS ec2 ubuntu Nginx server with a custom domain


I deployed my latest opensource project which provides store fake API. and when I complete deployment my store-API project in AWS. I was researching a free SSL certificate for my ubuntu Nginx server. After a long while of research, I found a solution which was a free open source project to install SSL certificate in my node/express app. So in this tutorial, I am going to setup the SSL of my node app. Check my open-source project

Update apt-get dependency

sudo apt-get update

Install certbot and certbot-nginx package

To enable an SSL certificate in your Nginx server, you will need third-party packages. Letsencription org provides free SSL certificates which was needed to install their open-source packages. There provide very good documentation also.

sudo apt-get install certbot python3-certbot-nginx -y

Request and install SSL certificate to your nginx projects

sudo certbot --nginx

When you request an SSL certificate. it will take several inputs…

  1. Take a email input which was used for urgent renew or security notices.:
    Email: [email protected]
  2. you must agree to register with ACEME server. Do you agree?
    (Y)es/(N)o: Y
  3. Which names would you like to activate HTTPS for?
    Ans: Select your multple domain with comma separator: example: 1,2
  4. Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access
    1: No redirect – Make no further changes to the webserver configuration.
    2: Redirect – Make all requests redirect to secure HTTPS access. Choose this for
    Ans: 2

So what was heppen

Great you setup SSL of your AWS instance of ubuntu Nginx serve;

Visit your domain it will redirect

The checkout your Nginx config file, in my case

[email protected]:/$ sudo cat /etc/nginx/sites-enabled/default
server {

	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
	        proxy_pass http://localhost:8000;
	        proxy_http_version 1.1;
	        proxy_set_header Upgrade $http_upgrade;
	        proxy_set_header Connection 'upgrade';
	        proxy_set_header Host $host;
	        proxy_cache_bypass $http_upgrade;

	# pass PHP scripts to FastCGI server
	#location ~ \.php$ {
	#	include snippets/fastcgi-php.conf;
	#	# With php-fpm (or other unix sockets):
	#	fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
	#	# With php-cgi (or other tcp sockets):
	#	fastcgi_pass;

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#location ~ /\.ht {
	#	deny all;

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

server {
    if ($host = {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    if ($host = {
        return 301 https://$host$request_uri;
    } # managed by Certbot

	listen 80;
    return 404; # managed by Certbot

Related posts

How to Start Blog And Make Money (Free Guide For Beginners)

Tech Incent

PUBG Mobile 0.15.0 update

Tech Incent

A Proper Guide to Business formal

Tech Incent