Tech Incent

How to add SSL certificate in AWS ec2 ubuntu Nginx server with a custom domain


I deployed my latest opensource project which provides store fake API. and when I complete deployment my store-API project in AWS. I was researching a free SSL certificate for my ubuntu Nginx server. After a long while of research, I found a solution which was a free open source project to install SSL certificate in my node/express app. So in this tutorial, I am going to setup the SSL of my node app. Check my open-source project

Update apt-get dependency

sudo apt-get update

Install certbot and certbot-nginx package

To enable an SSL certificate in your Nginx server, you will need third-party packages. Letsencription org provides free SSL certificates which was needed to install their open-source packages. There provide very good documentation also.

sudo apt-get install certbot python3-certbot-nginx -y

Request and install SSL certificate to your nginx projects

sudo certbot --nginx

When you request an SSL certificate. it will take several inputs…

  1. Take a email input which was used for urgent renew or security notices.:
    Email: [email protected]
  2. you must agree to register with ACEME server. Do you agree?
    (Y)es/(N)o: Y
  3. Which names would you like to activate HTTPS for?
    Ans: Select your multple domain with comma separator: example: 1,2
  4. Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access
    1: No redirect – Make no further changes to the webserver configuration.
    2: Redirect – Make all requests redirect to secure HTTPS access. Choose this for
    Ans: 2

So what was heppen

Great you setup SSL of your AWS instance of ubuntu Nginx serve;

Visit your domain it will redirect

The checkout your Nginx config file, in my case

username@my-ip-addess:/$ sudo cat /etc/nginx/sites-enabled/default
server {

	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
	        proxy_pass http://localhost:8000;
	        proxy_http_version 1.1;
	        proxy_set_header Upgrade $http_upgrade;
	        proxy_set_header Connection 'upgrade';
	        proxy_set_header Host $host;
	        proxy_cache_bypass $http_upgrade;

	# pass PHP scripts to FastCGI server
	#location ~ \.php$ {
	#	include snippets/fastcgi-php.conf;
	#	# With php-fpm (or other unix sockets):
	#	fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
	#	# With php-cgi (or other tcp sockets):
	#	fastcgi_pass;

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#location ~ /\.ht {
	#	deny all;

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

server {
    if ($host = {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    if ($host = {
        return 301 https://$host$request_uri;
    } # managed by Certbot

	listen 80;
    return 404; # managed by Certbot

Related posts

A Proper Guide to Business formal

Tech Incent

Everything About B2B Marketing and Its Essential Strategies

Tech Incent

The best list of copyright-free image sites can use on the website

Tech Incent

Everything You Need to Know About Man in Suit

Tech Incent

Business Associate And Everything About It

Tech Incent

Best 12 Free Business Name Generators, Create your Brand

Tech Incent