Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Securing your website is no longer optional. If you’re running a website on Nginx, enabling HTTPS is one of the most important steps you can take to protect user data, build trust, and improve search engine rankings. In this guide, you’ll learn how to enable HTTPS on Nginx using Let’s Encrypt on an Ubuntu 20.04 server using a simple, reliable method.
This step-by-step tutorial is designed for beginners and system administrators alike, helping you install a free SSL certificate, configure Nginx correctly, and ensure automatic renewals with minimal effort.
Table of Contents
Why You Should Enable HTTPS on Nginx
Before diving into the technical steps, it’s worth understanding why HTTPS matters:
- Encrypts data between your server and visitors
- Prevents man-in-the-middle attacks
- Improves user trust and browser security indicators
- Helps with SEO rankings, as Google favors HTTPS websites
- Required for modern browser features and APIs
Thanks to Let’s Encrypt, you can enable HTTPS on Nginx without paying for SSL certificates.
Prerequisites
To enable HTTPS on Nginx using Let’s Encrypt, make sure the following are in place:
- An Ubuntu 24.04 server
- Root or sudo access
- Nginx installed and running
- A registered domain name (example:
example.com) - DNS A records pointing your domain to your server’s IP address
If your domain does not resolve correctly, Let’s Encrypt will not be able to verify ownership.
Install Certbot on Ubuntu 24.04
Certbot is the official client recommended by Let’s Encrypt to issue and manage SSL certificates.
Start by updating your system:
sudo apt updateNow install Certbot and its Nginx plugin:
sudo apt install certbot python3-certbot-nginx
The Nginx plugin allows Certbot to automatically configure SSL settings for your server, making the process faster and less error-prone.
Verify Your Nginx Server Block
Before requesting an SSL certificate, confirm that Nginx is properly configured for your domain.
Open your Nginx configuration file:
sudo vim /etc/nginx/sites-available/example.comEnsure your configuration includes the correct server_name directive:
server_name example.com www.example.com;
Save the file, then test the configuration:
sudo nginx -tIf there are no errors, reload Nginx:
sudo systemctl reload nginx
This step ensures Certbot can correctly identify your domain when enabling HTTPS on Nginx.
Allow HTTPS Traffic Through the Firewall
If you’re using UFW, HTTPS traffic must be allowed.
Check current firewall rules:
sudo ufw statusAllow full Nginx access (HTTP and HTTPS):
sudo ufw allow 'Nginx Full'
sudo ufw delete allow 'Nginx HTTP'
This ensures your server can accept secure connections over port 443.
Enable HTTPS on Nginx Using Let’s Encrypt
Now comes the most important step, enabling HTTPS on Nginx using Let’s Encrypt.
Run the following command:
sudo certbot --nginx -d example.com -d www.example.comDuring the setup, Certbot will:
- Ask for an email address
- Request agreement to Let’s Encrypt terms
- Prompt you to choose whether to redirect HTTP traffic to HTTPS
👉 Choose the redirect option to automatically send all visitors to the secure HTTPS version of your site.
Once completed, your SSL certificate will be installed and Nginx will be updated automatically.
Open your browser and visit:
https://example.com
If everything is configured correctly, you’ll see the secure lock icon in the address bar.
Set Up Automatic SSL Renewal
Let’s Encrypt certificates expire every 90 days, but Certbot handles renewals automatically.
Check the renewal timer:
sudo systemctl status certbot.timerTo test the renewal process:
sudo certbot renew --dry-run
If the test completes without errors, your certificates will renew automatically and no manual work required.
Conclusion
Learning how to enable HTTPS on Nginx using Let’s Encrypt is one of the most valuable skills for any website owner or system administrator. It improves security, builds user trust, and positively impacts SEO, all at zero cost.
With Certbot handling configuration and renewals, HTTPS becomes a one-time setup with long-term benefits.
