sudo apt update
sudo apt install certbot python3-certbot-nginx -y
sudo certbot —nginx -d [yourdomain.com](<http://yourdomain.com>) -d www.yourdomain.com
Let’s Encrypt certs expire every 90 days, but Certbot sets up automatic renewal.
sudo certbot renew --dry-run
Cert Location
/etc/letsencrypt/live/yourdomain.com/
server{
listen 80;
listen [::]:80;
server_name bishesna;
return 301 <https://$host$request+uri>;
{
server{
listen 443;#listen on all upv4 addresses
listen [::]:443;#listen on all ipv6 addresses
servername bishesna bishesna;
root /var/www/bishesna;
index index.html;
ssl_certificate /etc/letsencrypt/live/bishesna/fullchain.pem
ssl_certificate_key /etc/letsencrypt/live/bishesna/privkey.pem
include /etc/letsencrypt/options-ssl-nginx.config;
ddl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location /{
try_files $uri $uri/= 404;
}
}
default:
/etc/letsencrypt/live/<your-domain>/
sudo ln -s /etc/nginx/sites-available/yourdomain /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx