Tech Incent
Others

How to add SSL certificate in AWS ec2 ubuntu Nginx server with a custom domain

how-to-add-ssl-certificate-in-aws-ec2-ubuntu-nginx-server-with-a-custom-domain

I deployed my latest opensource project which provides store fake API. and when I complete deployment my store-API project in AWS. I was researching a free SSL certificate for my ubuntu Nginx server. After a long while of research, I found a solution which was a free open source project to install SSL certificate in my node/express app. So in this tutorial, I am going to setup the SSL of my node app. Check my open-source project

Update apt-get dependency

sudo apt-get update

Install certbot and certbot-nginx package

To enable an SSL certificate in your Nginx server, you will need third-party packages. Letsencription org provides free SSL certificates which was needed to install their open-source packages. There provide very good documentation also.

sudo apt-get install certbot python3-certbot-nginx -y

Request and install SSL certificate to your nginx projects

sudo certbot --nginx

When you request an SSL certificate. it will take several inputs…

  1. Take a email input which was used for urgent renew or security notices.:
    Email: [email protected]
  2. https://letsencription.org you must agree to register with ACEME server. Do you agree?
    (Y)es/(N)o: Y
  3. Which names would you like to activate HTTPS for?
    1. www.yourdomain.com
    2. yourdomain.com
    Ans: Select your multple domain with comma separator: example: 1,2
  4. Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access
    1: No redirect – Make no further changes to the webserver configuration.
    2: Redirect – Make all requests redirect to secure HTTPS access. Choose this for
    Ans: 2

So what was heppen

Great you setup SSL of your AWS instance of ubuntu Nginx serve;

Visit your domain it will redirect https://yourdomain.com

The checkout your Nginx config file, in my case

[email protected]:/$ sudo cat /etc/nginx/sites-enabled/default
server {
	server_name storerestapi.com www.storerestapi.com;

	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
	        proxy_pass http://localhost:8000;
	        proxy_http_version 1.1;
	        proxy_set_header Upgrade $http_upgrade;
	        proxy_set_header Connection 'upgrade';
	        proxy_set_header Host $host;
	        proxy_cache_bypass $http_upgrade;
	}

	# pass PHP scripts to FastCGI server
	#
	#location ~ \.php$ {
	#	include snippets/fastcgi-php.conf;
	#
	#	# With php-fpm (or other unix sockets):
	#	fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
	#	# With php-cgi (or other tcp sockets):
	#	fastcgi_pass 127.0.0.1:9000;
	#}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#
	#location ~ /\.ht {
	#	deny all;
	#}

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/storerestapi.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/storerestapi.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}
server {
    if ($host = www.storerestapi.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = storerestapi.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


	listen 80;
	server_name storerestapi.com www.storerestapi.com;
    return 404; # managed by Certbot

Related posts

How to Start Blog And Make Money (Free Guide For Beginners)

Tech Incent

PUBG Mobile 0.15.0 update

Tech Incent

A Proper Guide to Business formal

Tech Incent