SSL Enabled With Nginx and Certbot (Let’s Encrypt)

What is Let’s Encrypt?

Let’s Encrypt is a non-profit certificate authority run by the Internet Security Research Group.

What is HTTP?

HTTP stands for Hypertext Transfer Protocol. HTTP uses TCP (Transmission Control Protocol) to send data packets between client and server. Port 80 is generally used for HTTP.

What is HTTPS?

HTTPS stands for Hypertext Transfer Protocol Secure. HTTPS also uses TCP (Transmission Control Protocol) to send data packets between client and server. Port 443 is generally used for HTTPS.

What is Certbot?

Certbot is a free, open source software tool for automatically using Let’s Encrypt certificates to enable HTTPS.

What is Nginx?

Nginx is a web server which can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.

How to configure your application?

Prerequisites

  • Ubuntu server
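  • Domain name (DNS) pointed at the server.

Connect to the server
ssh <USER_NAME>@<SERVER_IP>

Install Nginx
sudo apt update
sudo apt install nginx
sudo systemctl restart nginx.service

Add the Certbot PPA
sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository universe
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update

Install Certbot
sudo apt-get install certbot python3-certbot-nginx

Get a certificate and let Certbot edit the Nginx configuration
sudo certbot --nginx

Or get the certificate only and edit the Nginx configuration yourself
sudo certbot certonly --nginx

Certbot cronjob (the Certbot package schedules renewal automatically; test it with a dry run)
sudo certbot renew --dry-run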
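
A dry run only shows that renewal works today. The script below is an added example, not part of the original post: it flags a certificate that automatic renewal should already have replaced. The 21-day threshold, the function names and the example.test demo certificate are assumptions; Certbot stores the served certificate at /etc/letsencrypt/live/<DOMAIN>/fullchain.pem.

```shell
#!/usr/bin/env bash
# Report certificates that automatic renewal should already have replaced.
# Assumption: Certbot renews once fewer than 30 days remain, so under
# 21 days left means several scheduled renewal attempts have failed.
WARN_DAYS=21

# cert_status PEM [DAYS]: prints a status and returns
# 0 ok, 1 renewal overdue, 2 expired, 3 unreadable.
cert_status() {
    local pem="$1" days="${2:-$WARN_DAYS}"
    if ! openssl x509 -in "$pem" -noout 2>/dev/null; then
        echo "unreadable"; return 3
    fi
    # -checkend N exits non-zero when the certificate expires within N seconds.
    if ! openssl x509 -in "$pem" -noout -checkend 0 >/dev/null; then
        echo "expired"; return 2
    fi
    if ! openssl x509 -in "$pem" -noout -checkend "$((days * 86400))" >/dev/null; then
        echo "renewal overdue"; return 1
    fi
    echo "ok"
}

# make_test_cert OUT_PEM DAYS: constructed self-signed certificate, demo only.
make_test_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -subj "/CN=example.test" \
        -days "$2" -keyout "$1.key" -out "$1" 2>/dev/null
}

# check_all PEM...: print one line per file, return the worst status seen.
check_all() {
    local pem rc worst=0
    for pem in "$@"; do
        rc=0
        printf '%s: ' "$pem"
        cert_status "$pem" || rc=$?
        if [ "$rc" -gt "$worst" ]; then worst=$rc; fi
    done
    return "$worst"
}

# Real use: pass /etc/letsencrypt/live/<DOMAIN>/fullchain.pem as an argument.
if [ "$#" -gt 0 ]; then
    check_all "$@" || exit $?
fi
```

Run it from cron or a monitoring agent and alert on a non-zero exit status, so a silently failing renewal is noticed before the certificate expires.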

Add Reverse Proxy

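Here I am running a few dockerized microservices, such as the web app and a REST API. Both the web app and the API need to be publicly accessible with HTTPS support, which is why we use Certbot. The proxy_pass targets below are the containers' addresses on the Docker bridge network.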

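# Add inside the HTTPS server block of your Nginx site configuration
location / {
    # Web container
    proxy_pass http://172.17.0.6:4200;
}
location /api {
    # REST API container
    proxy_pass http://172.17.0.4:7654;
}

Restart Nginx to apply the change
sudo systemctl restart nginx.service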
