How to add free SSL Certificate to Domain in Digitalocean

/ Digital Ocean / By

To add SSL to a domain in DigitalOcean, you can follow these steps:

  1. Obtain an SSL Certificate: There are multiple ways to obtain an SSL certificate. You can either purchase one from a certificate authority (CA) or use a free certificate from Let’s Encrypt. Let’s Encrypt certificates are widely used and trusted, and DigitalOcean provides an easy way to obtain and manage them. In this example, we’ll use Let’s Encrypt.

  2. Configure DNS Records: Ensure that your domain’s DNS records are correctly configured to point to your DigitalOcean droplet. This typically involves creating an “A” record that associates your domain with the IP address of your droplet. You can manage DNS records either in DigitalOcean’s DNS management or through your domain registrar.

  3. Connect to Your Droplet: Access your droplet using SSH or a terminal emulator.

  4. Install Certbot: Certbot is a tool that automates the process of obtaining and installing Let’s Encrypt SSL certificates. You can install Certbot on your droplet by following the instructions provided by Certbot’s documentation. The installation process may vary depending on your server’s operating system.

  5. Request an SSL Certificate: Once Certbot is installed, you can use it to request an SSL certificate for your domain. Run the following command, replacing your_domain with your actual domain name:


    css
    sudo certbot certonly --webroot -w /var/www/html -d your_domain

    This command instructs Certbot to verify ownership of your domain by placing a temporary file in the webroot directory (/var/www/html) of your droplet. Make sure to adjust the webroot path if your website files are stored elsewhere.

  6. Configure Web Server: After obtaining the SSL certificate, you need to configure your web server to use it. The exact steps depend on the web server software you are using. Here are a few common web servers:

    • Nginx: Locate the Nginx configuration file for your domain (usually located in /etc/nginx/sites-available) and update it to include the SSL certificate details. Add the following lines to the configuration block for your domain:

    • bash
      listen 443 ssl;
      ssl_certificate /etc/letsencrypt/live/your_domain/fullchain.pem;
      ssl_certificate_key /etc/letsencrypt/live/your_domain/privkey.pem;

    • Apache: Locate the Apache configuration file for your domain (often found in /etc/apache2/sites-available) and update it to include the SSL certificate details. Add the following lines to the configuration block for your domain:

      bash
      SSLEngine on
      SSLCertificateFile /etc/letsencrypt/live/your_domain/fullchain.pem
      SSLCertificateKeyFile /etc/letsencrypt/live/your_domain/privkey.pem
       
      Make sure to replace your_domain with your actual domain name and adjust the file paths if necessary.

  7. Restart Web Server: After making the configuration changes, restart your web server to apply the new SSL certificate. Use the appropriate command based on your web server:

    • Nginx: sudo service nginx restart
    • Apache: sudo service apache2 restart
  8. Test SSL Configuration: Visit your domain using https:// in your web browser and ensure that the SSL certificate is applied correctly. The browser should display a secure connection.

Congratulations! Your domain is now secured with SSL using a certificate from Let’s Encrypt. It’s important to note that Let’s Encrypt certificates are valid for 90 days, so it’s recommended to set up automated certificate renewal to ensure uninterrupted SSL protection.

Chat Now
Call Us Now!