How to Set Up SSL on Nginx Ubuntu 22.04

account_circle Smit Pipaliya schedule 1 year ago
How to Set Up SSL on Nginx Ubuntu 22.04 - SSLForWeb

Introduction

This article will show you how to set up SSL on Nginx Ubuntu 22.04 LTS. For those who didn’t know, Nginx is an open-source, free HTTP server software. In addition to its HTTP server capabilities, Nginx can also function as a proxy server. I will show you the step-by-step setup of SSL with Nginx on Ubuntu 22.04 (Jammy Jellyfish).

1. Prerequisites

  • The operating system running Ubuntu Linux
  • A root or non-root user with Sudo privileges
  • Has stable internet connection
  • Terminal window / Command line

2. Install Nginx On Ubuntu 22.04

If you have installed nginx, you can skip this. If you have not installed Nginx, then you click on this link: How to Install Nginx on Ubuntu 22.04 LTS

3. Create Nginx Virtualhost

First, create an Nginx virtual host to serve the HTTP version of the website.

sudo nano /etc/nginx/sites-available/<Your Domain Name>.conf

Then, Use the below configuration for your website. Remember to change server_name, root, and fastcgi_pass based on your requirement.

server {

   listen 80;
   server_name sslforweb.ga www.sslforweb.ga;
   root /var/www/html/sslforweb.ga;

   location / {
       index index.html index.htm index.php;
   }

   access_log /var/log/nginx/sslforweb.ga/logs/access.log;
   error_log /var/log/nginx/sslforweb.ga/logs/error.log;

   # Remove this section if the site hosts only plain HTML files
   location ~ \.php$ {
      include fastcgi_params;
      fastcgi_intercept_errors on;
      fastcgi_pass unix:/run/php/php8.1-fpm.sock;
      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
   }
}

Once you have created the virtual host configuration file, enable the website.

sudo ln -s /etc/nginx/sites-available/sslforweb.ga.conf /etc/nginx/sites-enable/sslforweb.ga.conf

Next, Create a root directory to hold your website's files.

sudo mkdir -p /var/www/html/sslforweb.ga/

Then, Change the ownership and group of the directory.

sudo chown -R www-data:www-data /var/www/html/sslforweb.ga/

If you Finally, place the test HTML file on the website’s document root.

echo "This is a test site @ sslforweb.ga" | sudo tee /var/www/html/sslforweb.ga/index.html

Then, restart the Nginx service to re-read the configurations.

sudo systemctl restart nginx

4. Allowing HTTPS Through the Firewall

If the UFW firewall is enabled, as recommended by the prerequisite guides, you’ll need to adjust the settings to allow HTTPS traffic. Upon installation, Nginx registers a few different UFW application profiles. You can leverage the 443 port to allow HTTP and HTTPS traffic on your server.
To verify what kind of traffic is currently allowed on your server, check the status:

sudo ufw status

How to Set Up SSL on Apache Ubuntu 22.04 - SslForWeb

To allow for HTTPS traffic, allow the 443 port:

sudo ufw allow 443

How to Set Up SSL on Apache Ubuntu 22.04 - SslForWeb

5. Online Generate Free SSL From SslForWeb

If you don't have SSL Certificates, you can generate SSL for free through SslForWeb. Please refer this article: Generate Free Let's Encrypt SSL Certificate.

6. Setup SSL On Nginx

This article will use a separate Nginx virtual host file instead of the default configuration file. We assume you already have a working nginx virtual host for your domain. We can run the command below to copy the sslforweb.com.conf configuration file to yourdomain.com-ssl.conf. Please change sslforweb.ga to your own .conf file in the command to ensure it runs properly.

sudo cp -a /etc/nginx/sites-available/sslforweb.ga{.conf,-ssl.conf}

Now we are going to store the certificate on the server.

Generate Free Let's Encrypt SSL Certificate - SslForWebFirst of all, Copy Certicate then run the below command:

sudo nano /etc/ssl/certs/sslforweb.ga.crt

Then paste it certicate and save the file. After, Copy Private Key then run the below command:

sudo nano /etc/ssl/private/sslforweb.ga.key

Then paste it private key and save the file.

Let’s edit the new virtual host ssl file.

sudo nano /etc/nginx/sites-available/sslforweb.ga-ssl.conf

Replace

listen 80;

In the first line with

listen 443;

Then, add these three lines:

ssl_certificate /etc/ssl/certs/sslforweb.ga.crt;
ssl_certificate_key /etc/ssl/private/sslforweb.ga.key;

Save the file then exit.

After this, we need to enable the SSL version of your site. We can run this command to enable the site:

sudo ln -s /etc/nginx/sites-available/sslforweb.ga-ssl.conf /etc/nginx/sites-enable/sslforweb.ga-ssl.conf

At last, check your nginx configuration by running this command:

sudo nginx -t

If everything is okay, then you will see the “Syntax OK” message, and you can restart Nginx.

sudo systemctl restart nginx

Congratulations! At this point, you should be able to enable HTTPS protocol with Nginx on Ubuntu 22.04.

Thank you for reading this article!

Tags:
nginx webserver ubuntu linux ssl