Add an SSL Certificate to any VPS.

Image from www.zepo.in

This article will show how you can add an SSL certificate to your Domains in VPS.

If you followed my last story, I have shown how you can add multiple domains/subdomains to your VPS. I strongly recommend checking it out as I will continue that story to add certificates to the domain.

So as for now, you have already added domains/subdomains to your VPS by pointing ‘A’ record to your IP Address to the Domain Provider. Let’s continue adding SSL to the Domains.

In this tutorial, I have 2 websites, jugaadapp.me and api.jugaadapp.me .

Step 1- Installing Certbot

Add the Certbot repository so that we can install it.

$ sudo add-apt-repository ppa:certbot/certbot

Install the Certbot package

$ sudo apt install python3-certbot-nginx

Step 2- Configuration

As in the previous post, we have already set up the Server blocks to the respective domain. I have 2 server blocks that direct to my domain.

I can check my server block by typing:

$ sudo nano /etc/nginx/sites-available/jugaadapp.me

There you can find the server names that you have used. Remember the names and exit from the file.

If you have made any changes to the configuration file, you can use the below commands to check the syntax and restart the server.

$ sudo nginx -t
$ sudo systemctl reload nginx

Now, I assume you have already configured the Firewall as suggested in my previous article, you can check it by typing:

$ sudo ufw status

Step 3- Getting SSL Certificate

Now run the below command to run the Certbot, and it will automatically configure your domains to obtain an SSL certificate. Just put all the domains that you have configured inside the server block.

$ sudo certbot --nginx -d jugaadapp.me -d www.jugaadapp.me -d api.jugaadapp.me

It might ask you for your Email Address, give the required field, and you are good to go.

After accepting the terms and conditions, it will ask you if you want to redirect all your HTTP traffic to HTTPS, select the option you want, and be greeted with congratulation.

BONUS

Now the only thing left is to test the renewal process as these scripts only last for 90 days. But thankfully, the Certbot take care of all the things. Run the below command to test your renewal process:

$ sudo certbot renew --dry-run

If ever Certbot fails to renew, you will receive an email from Let’s Encrypt informing you about it.

Voila, your websites are now secured with SSL certificates—no more warning from Google Chrome.

ENJOY!!😀