Tech Incent
Others

How to add SSL certificate in AWS ec2 ubuntu Nginx server with a custom domain

how-to-add-ssl-certificate-in-aws-ec2-ubuntu-nginx-server-with-a-custom-domain

I deployed my latest opensource project which provides store fake API. and when I complete deployment my store-API project in AWS. I was researching a free SSL certificate for my ubuntu Nginx server. After a long while of research, I found a solution which was a free open source project to install SSL certificate in my node/express app. So in this tutorial, I am going to setup the SSL of my node app. Check my open-source project

Update apt-get dependency

sudo apt-get update

Install certbot and certbot-nginx package

To enable an SSL certificate in your Nginx server, you will need third-party packages. Letsencription org provides free SSL certificates which was needed to install their open-source packages. There provide very good documentation also.

sudo apt-get install certbot python3-certbot-nginx -y

Request and install SSL certificate to your nginx projects

sudo certbot --nginx

When you request an SSL certificate. it will take several inputs…

  1. Take a email input which was used for urgent renew or security notices.:
    Email: [email protected]
  2. https://letsencription.org you must agree to register with ACEME server. Do you agree?
    (Y)es/(N)o: Y
  3. Which names would you like to activate HTTPS for?
    1. www.yourdomain.com
    2. yourdomain.com
    Ans: Select your multple domain with comma separator: example: 1,2
  4. Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access
    1: No redirect – Make no further changes to the webserver configuration.
    2: Redirect – Make all requests redirect to secure HTTPS access. Choose this for
    Ans: 2

So what was heppen

Great you setup SSL of your AWS instance of ubuntu Nginx serve;

Visit your domain it will redirect https://yourdomain.com

The checkout your Nginx config file, in my case

username@my-ip-addess:/$ sudo cat /etc/nginx/sites-enabled/default
server {
	server_name storerestapi.com www.storerestapi.com;

	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
	        proxy_pass http://localhost:8000;
	        proxy_http_version 1.1;
	        proxy_set_header Upgrade $http_upgrade;
	        proxy_set_header Connection 'upgrade';
	        proxy_set_header Host $host;
	        proxy_cache_bypass $http_upgrade;
	}

	# pass PHP scripts to FastCGI server
	#
	#location ~ \.php$ {
	#	include snippets/fastcgi-php.conf;
	#
	#	# With php-fpm (or other unix sockets):
	#	fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
	#	# With php-cgi (or other tcp sockets):
	#	fastcgi_pass 127.0.0.1:9000;
	#}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#
	#location ~ /\.ht {
	#	deny all;
	#}

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/storerestapi.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/storerestapi.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}
server {
    if ($host = www.storerestapi.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = storerestapi.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


	listen 80;
	server_name storerestapi.com www.storerestapi.com;
    return 404; # managed by Certbot

Related posts

A Proper Guide to Business formal

Tech Incent

What Is Lead Generation ? Idea of Lead generation

Tech Incent

Business Associate And Everything About It

Tech Incent

Starting Small Business Promotional Campaigns

Tech Incent

How to Change YouTube Name

Tech Incent

How to Write a Business Plan ?

Tech Incent