Encryption is hard. Let's Encrypt makes it extremely easy. How easy? You can have an SSL certificate for your nginx site in under 10 minutes.

1. Install Let's Encrypt

$ git clone https://github.com/letsencrypt/letsencrypt $ cd letsencrypt $ ./letsencrypt-auto --help

2. Obtain a Certificate

$ # Shut down nginx temporarily $ service stop nginx $ # Generate a cert $ ./letsencrypt-auto certonly --standalone --email me@email.com -d mydomain.com

You can add multiple domains by supplying multiple -d parameters.

3. Update Nginx Configuration

Open your site's nginx configuration and add the following:

listen 443 ssl; server_name mydomain.com; # Replace with your domain ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;

4. Done

Just start your server and test the connection.

$ service nginx start

Conclusion

Let's Encrypt is awesome. In less than 10 minutes I was serving this website via sweet, sweet 256-bit encryption and now you should be able to do the same for your sites. Get going!

Questions or comments about this article? Let me know at tommylackemann [at] gmail [dot] com