How to Enable HTTPS on Nginx Using Let’s Encrypt on Ubuntu 24.04

Securing your website is no longer optional. If you’re running a website on Nginx, enabling HTTPS is one of the most important steps you can take to protect user data, build trust, and improve search engine rankings. In this guide, you’ll learn how to enable HTTPS on Nginx using Let’s Encrypt on an Ubuntu 20.04 server using a simple, reliable method.

This step-by-step tutorial is designed for beginners and system administrators alike, helping you install a free SSL certificate, configure Nginx correctly, and ensure automatic renewals with minimal effort.

Table of Contents

Why You Should Enable HTTPS on Nginx

Before diving into the technical steps, it’s worth understanding why HTTPS matters:

  • Encrypts data between your server and visitors
  • Prevents man-in-the-middle attacks
  • Improves user trust and browser security indicators
  • Helps with SEO rankings, as Google favors HTTPS websites
  • Required for modern browser features and APIs

Thanks to Let’s Encrypt, you can enable HTTPS on Nginx without paying for SSL certificates.

Prerequisites

To enable HTTPS on Nginx using Let’s Encrypt, make sure the following are in place:

  • An Ubuntu 24.04 server
  • Root or sudo access
  • Nginx installed and running
  • A registered domain name (example: example.com)
  • DNS A records pointing your domain to your server’s IP address

If your domain does not resolve correctly, Let’s Encrypt will not be able to verify ownership.

Install Certbot on Ubuntu 24.04

Certbot is the official client recommended by Let’s Encrypt to issue and manage SSL certificates.

Start by updating your system:

sudo apt update

Now install Certbot and its Nginx plugin:

sudo apt install certbot python3-certbot-nginx

The Nginx plugin allows Certbot to automatically configure SSL settings for your server, making the process faster and less error-prone.

Verify Your Nginx Server Block

Before requesting an SSL certificate, confirm that Nginx is properly configured for your domain.

Open your Nginx configuration file:

sudo vim /etc/nginx/sites-available/example.com

Ensure your configuration includes the correct server_name directive:

server_name example.com www.example.com;

Save the file, then test the configuration:

sudo nginx -t

If there are no errors, reload Nginx:

sudo systemctl reload nginx

This step ensures Certbot can correctly identify your domain when enabling HTTPS on Nginx.

Allow HTTPS Traffic Through the Firewall

If you’re using UFW, HTTPS traffic must be allowed.

Check current firewall rules:

sudo ufw status

Allow full Nginx access (HTTP and HTTPS):

sudo ufw allow 'Nginx Full'
sudo ufw delete allow 'Nginx HTTP'

This ensures your server can accept secure connections over port 443.

Enable HTTPS on Nginx Using Let’s Encrypt

Now comes the most important step, enabling HTTPS on Nginx using Let’s Encrypt.

Run the following command:

sudo certbot --nginx -d example.com -d www.example.com

During the setup, Certbot will:

  • Ask for an email address
  • Request agreement to Let’s Encrypt terms
  • Prompt you to choose whether to redirect HTTP traffic to HTTPS

👉 Choose the redirect option to automatically send all visitors to the secure HTTPS version of your site.

Once completed, your SSL certificate will be installed and Nginx will be updated automatically.

Open your browser and visit:

https://example.com

If everything is configured correctly, you’ll see the secure lock icon in the address bar.

Set Up Automatic SSL Renewal

Let’s Encrypt certificates expire every 90 days, but Certbot handles renewals automatically.

Check the renewal timer:

sudo systemctl status certbot.timer

To test the renewal process:

sudo certbot renew --dry-run

If the test completes without errors, your certificates will renew automatically and no manual work required.

Conclusion

Learning how to enable HTTPS on Nginx using Let’s Encrypt is one of the most valuable skills for any website owner or system administrator. It improves security, builds user trust, and positively impacts SEO, all at zero cost.

With Certbot handling configuration and renewals, HTTPS becomes a one-time setup with long-term benefits.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Trending now

Remove Unused Packages in Ubuntu
How to Remove Unused Packages in Ubuntu to Boost Performance
Pods in Kubernetes: Understanding the Building Blocks of Scalable Applications
Kubernetes-ReplicaSet
What is ReplicaSet in Kubernetes?
Kubernetes Deployment
Understanding Kubernetes Deployment: A Deep Dive