Securing your website with SSL (Secure Sockets Layer) is essential to protect sensitive information such as passwords, credit card details, and other data transmitted between your server and users’ browsers. SSL also enhances your website’s credibility and trustworthiness, making it a critical component of modern web hosting. In this blog, we’ll guide you through the process of setting up SSL on Amazon Linux 2023 using nginx and Let’s Encrypt.
Step 1: Install nginx
First, you need to install the nginx web server. Run the following command to install nginx on your Amazon Linux 2023 server:
sudo yum install nginx
Step 2: Allow HTTPS traffic
By default, HTTPS traffic is blocked on Amazon Linux 2023. You need to allow HTTPS traffic in the firewall to enable SSL. To allow HTTPS traffic, run the following commands:
sudo firewall-cmd --add-service=https --permanent
sudo firewall-cmd --reload
Step 3: Install Certbot
Certbot is a tool that automates the process of obtaining and renewing SSL certificates from Let’s Encrypt. To install Certbot, run the following commands:
sudo python3 -m venv /opt/certbot/
sudo /opt/certbot/bin/pip install --upgrade pip
sudo /opt/certbot/bin/pip install certbot certbot-nginx
sudo ln -s /opt/certbot/bin/certbot /usr/bin/certbot
Step 4: Configure nginx
Next, you need to configure nginx to serve your website over HTTPS. Open the nginx configuration file using your preferred text editor:
sudo nano /etc/nginx/nginx.conf
Inside the http block, in the server block that listens on port 80 for your domain (server_name example.com), add the following line to redirect all HTTP traffic to HTTPS:
return 301 https://$host$request_uri;
Replace example.com with your domain name.
Save the file and exit the editor.
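The redirect from this step written out as a complete port-80 server block, followed by the kind of HTTPS server block to expect in the file once Certbot has run in Step 5. This is an added example, not configuration from the original post; example.com, the web root and the HSTS header are assumptions, and the block Certbot generates will differ in detail.

```nginx
# Added example. Both server blocks go inside the existing http { ... }
# block of /etc/nginx/nginx.conf. example.com is a placeholder domain.

# Port 80: answers plain HTTP only to send the client to HTTPS.
server {
    listen 80;
    listen [::]:80;
    server_name example.com;

    # 301 is a permanent redirect. $host and $request_uri carry over the
    # requested host name and path, so deep links survive the redirect.
    # $host is taken from the request; write the literal domain here
    # (https://example.com$request_uri) if this block can also receive
    # requests for other host names.
    return 301 https://$host$request_uri;
}

# Port 443: roughly what "certbot --nginx" sets up in Step 5.
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name example.com;

    # Certbot keeps the issued certificate chain and private key under
    # /etc/letsencrypt/live/<domain>/ and points nginx at them.
    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    # Protocol and cipher settings that Certbot's nginx plugin ships.
    include /etc/letsencrypt/options-ssl-nginx.conf;

    # Assumption, not added by default: HSTS tells browsers to skip the
    # plain-HTTP request on later visits. Enable it only once HTTPS is
    # known to work, because browsers cache it for max-age seconds.
    add_header Strict-Transport-Security "max-age=31536000" always;

    # Assumed web root (the nginx package default).
    root /usr/share/nginx/html;
}
```

Running sudo nginx -t after any edit checks the syntax before nginx is reloaded.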
Step 5: Request and install the SSL certificate
Now you are ready to request an SSL certificate from Let’s Encrypt using Certbot. Run the following command to request a certificate:
sudo certbot --nginx
Certbot will ask you to provide an email address and agree to the Let’s Encrypt terms of service. After that, Certbot will automatically configure nginx to use the new SSL certificate.
Step 6: Test SSL configuration
To test your SSL configuration, visit your website using HTTPS. If everything is configured correctly, you should see a green padlock icon in your browser’s address bar.
Step 7: Automatic certificate renewal
Let’s Encrypt SSL certificates are valid for 90 days. To ensure uninterrupted SSL protection, you need to renew your certificate every 90 days. Fortunately, Certbot can automate the renewal process for you. To set up automatic certificate renewal, run the following command:
sudo certbot renew --dry-run
This command will simulate the certificate renewal process to make sure everything is configured correctly. If there are no errors, Certbot will automatically renew your SSL certificate when it is due to expire.
To renew the certificate automatically, you need to set up a cron job via crontab. The commands are given below; the last line is the entry to add in the crontab editor.
sudo dnf install cronie
sudo crontab -e
0 3 * * * sudo certbot renew >/dev/null 2>&1
SSL is an essential component of modern web hosting. By following the steps outlined in this blog, you can easily set up SSL on Amazon Linux 2023 using nginx and Let’s Encrypt. With SSL, you can protect your users’ sensitive information and enhance your website’s credibility and trustworthiness.