How to Install SSL Certificate for Nginx on Ubuntu Server 20.04

Louis SanchezAugust 14th 2021, 11:53

Follow these steps to set HTTPs on Nginx

Generating SSL Certificates

Step 1 : Create a directory to hold all certificate and keys

sudo mkdir -p /etc/nginx/ssl/

Step 2 : Change to the new directory and enter the following command to create a certificate and SSL key

cd /etc/nginx/ssl/
sudo openssl req -newkey rsa:2048 -x509 -nodes -days 365 -keyout -out

Step 3 : This will prompt you to enter some information about your company and website.

Step 4 : After you are done with it, you can check the generated certificate and key

ls -l

Configuring Nginx

Step 5 : Create a virtual host entry or edit it if you already have one:

sudo nano /etc/nginx/sites-available/
server {
    listen 80;
    return 301 https://$host$request_uri;
server {
    listen 443 ssl;

    root /var/www/;
    index index.php index.html index.htm;

    ssl_certificate     /etc/nginx/ssl/;
    ssl_certificate_key     /etc/nginx/ssl/;
    # if you have received ca-certs.pem from Certification Authority
    #ssl_trusted_certificate /etc/nginx/ssl/;

    location / {
        try_files $uri $uri/ /index.php;

    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; 

Step 6 : Enable this configuration by creating a symbolic link to it under sites-enabled

sudo ln -s /etc/nginx/sites-available/ /etc/nginx/sites-enabled/

Step 7 : Check the configuration for syntax errors

sudo nginx -t

Step 8 : Reload Nginx for the changes to take effect

sudo service nginx reload

Step 9 : Now, open your browser on the client system and point it to your domain name or IP address with HTTPS at the start:

Step 10 : Your browser may return an error saying Invalid Certification Authority. This is fine as we are using a self-signed certificate.