Secure http with Certbot

The procedure to secure the website with SSL encryption is well documented in the DigitalOcean tutorial.


Make sure you have:

  1. DNS-records for both and
  2. server_name; included in your NGINX server block.

Get SSL certificate

With verything in place, Certbot will provide an SSL certificate through an nginx plugin, that will take care of reconfiguring the server block and reloading the config. The first command below will run the plugin, the second will check for automatic renewal of all your certificates.

$ sudo certbot --nginx -d -d
$ sudo certbot renew --dry-run