How to Install a Free SSL Certificate on Nginx
A complete step-by-step guide to configuring HTTPS on your Nginx web server
This guide walks you through installing a free SSL/TLS certificate from freesslcert.net on an Nginx web server. By the end, your website will serve traffic over HTTPS with a valid, browser-trusted certificate from Let's Encrypt.
Prerequisites
- A server running Nginx (1.18+)
- SSH (root or sudo) access to your server
- A domain name pointing to your server's IP address
- SSL certificate files from freesslcert.net
Step 1: Generate Your SSL Certificate
Visit freesslcert.net, enter your domain, choose your certificate type, complete domain validation, and download your certificate files.
Step 2: Upload Certificate Files to Your Server
Transfer certificate.crt, private.key, and ca_bundle.crt to your server's /etc/ssl/ directory using SCP or SFTP.
Step 3: Create the Full Chain Certificate
Nginx requires a single file containing both your certificate and the intermediate CA certificate. Concatenate them into a fullchain.pem file.
Step 4: Configure Nginx Server Block
Edit your Nginx server block to listen on port 443 with SSL. Add ssl_certificate, ssl_certificate_key, and security headers.
Step 5: Test and Reload Nginx
Test the configuration with nginx -t, then reload with systemctl reload nginx.
Step 6: Set Up Auto-Renewal Reminder
Let's Encrypt certificates expire after 90 days. Set a reminder to renew before expiration.