Install Certbot
To obtain a Let's Encrypt SSL certificate, you have to install the Certbot client on your server.
Add the repository. Press the ENTER key when prompted to accept.
add-apt-repository ppa:certbot/certbot
Update the package list.
apt-get update
Proceed by installing Certbot and Certbot's Nginx package.
apt-get -y install python-certbot-nginx
Configuring Nginx
Certbot automatically configures SSL for Nginx, but to do so it needs to find the server block in your Nginx configuration file. It does this by matching the
server_name directive in the configuration file with the domain name for which you're requesting a certificate.
If you're using the default configuration file
/etc/nginx/sites-available/default open it with a text editor such as nano and find the server_name directive. Replace the underscore, _, with your own domain name(s):nano /etc/nginx/sites-available/default
After editing the configuration file, the
server_name directive should look as follows. In this example, I assume that your domain is example.com and that you're requesting a certificate for example.com and www.example.com.server_name example.com www.example.com;
Proceed by verifying the syntax of your edits.
nginx -t
If the syntax is correct, restart Nginx to use the new configuration. If you get any error messages, reopen the configuration file and check for any typos, then try again.
systemctl restart nginx
Obtaining a Let's Encrypt SSL certificate
The following command will obtain a certificate for you. Edit your Nginx configuration to use it, and reload Nginx.
certbot --nginx -d example.com -d www.example.com
You can also request an SSL certificate for additional domains. Just add the "
-d" option as many times as you like.certbot --nginx -d example.com -d www.example.com -d example.net -d example.net
In case you only want to obtain the certificate from Let's Encrypt without installing it automatically you can use the following command. This makes temporary changes to your Nginx configuration to obtain the certificate and reverts them once the certificate has been downloaded.
certbot --nginx certonly -d example.com -d www.example.com @reference_1_vultr.com 