Web Hosting 3 min read

How to Install a Free SSL Certificate on a CentOS 7 Server with NGINX

Written on 06 Nov 2019

In 2019, it’s so easy to get a basic form of SSL that no website should be without it, no matter the use. Not only is it best practice, a non encrypted connection now displays a warning in your browser, which makes loses user trust. In this blog post, we’ll go over how to install a Let’s Encrypt certificate on an NGINX based website.

How to Install a Free SSL certificate

Getting Started

Let’s Encrypt allows you to have an SSL certificate for free, and it with it there’s little excuse to not support SSL on any website, no matter how basic its intended function.
For this tutorial, we’ll be using a server with NGINX running on CentOS 7. Instructions for a different linux distro will be similar, however certain commands may be different.
There are many Let’s Encrypt certificate installers out there to choose from. For this tutorial we’ll be focusing on Certbot, one of the most popular solutions.

Installing Certbot

First, we need to add the EPEL repository.
sudo yum install epel-release
Now, you can install Certbot
sudo yum install certbot python2-certbot-nginx
Now, run the Certbot auto install for nginx
sudo certbot --nginx
Enter Email Address
You’ll be prompted for an email address that will receive renewal reminders and security notices. It’s suggested that while you use a separate email for things concerning the operation of your website, to forward these messages to another email or your mobile device so you don’t miss them.
Term And Condition
After reading and agreeing to the Terms of Service for Let’s Encrypt, you’ll also be greeted with the opportunity to sign up for emails from the electronic frontier foundation.
Next, a prompt will ask you if you’d like to receive emails from Certbot and the Electronic Frontier Foundation. You’ll probably want to deny, especially if you used an email that’s specifically for your website.
Enter Your Domain
Next, you’ll be prompted to enter the domain of the website. You must enter a domain name with an active A DNS record pointing to your webserver, it will not accept an IP address that you may be using for a test website.
A DNS record pointing
From here, you have two options. The first ensures https can function, but it will not force redirect all traffic to HTTPS, and allows HTTP to still function. The second forces all traffic to HTTPS. I always prefer option 2, just make sure it won’t break anything on an existing site. This avoids all browser side warnings about unsecure connections.
HTTPS connection manually
Once you’ve completed the process, you should be greeted with the above message.
Navigate to your website to test it, if you picked option 2 it should force you to HTTPS. If you chose option one you should choose an HTTPS connection manually.
HTTPS connection manually Encrypt SSL certificate on an NGINX website
That’s it! You’ve installed a basic Let’s Encrypt Free SSL certificate on an NGINX website.
If you need help upgrading your existing website, or need someone to make a new one for you, consider hiring offshore developers from CodeClouds.

Share this article

  • twittertwitter
1.7k reads

Similar Reads