Install Let's Encrypt SSL with Certbot (Nginx) on Ubuntu 24.04
Step 1 – Install Certbot with Nginx plugin
apt update && apt upgrade -y
apt install -y certbot python3-certbot-nginxStep 2 – Obtain a certificate
certbot --nginx -d example.com -d www.example.comFollow the prompts to:
- Enter an email for renewal notifications
- Agree to the Terms of Service
- Choose whether to redirect HTTP to HTTPS (recommended: yes)
Certbot will automatically modify your Nginx configuration.
Step 3 – Test auto-renewal
certbot renew --dry-runStep 4 – Automatic renewal
Certbot installs a systemd timer or cron job automatically. Verify:
systemctl list-timers | grep certbot 2>/dev/null || \
crontab -l | grep certbotIf not present, add to root crontab:
0 3 * * * certbot renew --quiet --deploy-hook "systemctl reload nginx"Step 5 – Check certificate expiry
certbot certificates
openssl s_client -connect example.com:443 -servername example.com \
2>/dev/null | openssl x509 -noout -dates