Setup HTTPS with Nginx on Azure Ubuntu VM

Setup HTTPS with Nginx on Azure Ubuntu VM

Today we will see how we can setup HTTPS on using Certbot Nginx configuration on an Azure Ubuntu VM. This post will be composed of three steps:

  1. Prepare the VM
  2. Install Nginx
  3. Install Certbot

1. Prepare the VM

We start first by creating an Azure VM on Ubuntu 18.04 with either password or SSH and allowing HTTP, HTTPS, SSH.

creation

Once done, we can select a custom DNS for our VM. This makes it easier to SSH but also it will be required for our SSL certificate setup.

dns

We set the Assignment as Static then we choose a DNS name label. Here we choose azure-test-vm therefore the VM will be accessible at azure-test-vm.southcentralus.cloudapp.azure.com.

We should now be able to SSH into the VM using the command:

ssh kimserey@azure-test-vm.southcentralus.cloudapp.azure.com

2. Install Nginx

Next once we are in the VM, we can install Nginx by installing the following:

sudo apt-get update
sudo apt-get install nginx

Once installed, as we already have opened the HTTP port during creation of the VM, we should be able to see the default Nginx page from http://azure-test-vm.southcentralus.cloudapp.azure.com.

Let’s then create a website configuration in Nginx under /etc/nginx/sites-available named as our server azure-test-vm.southcentralus.cloudapp.azure.com.

And paste the following configuration:

server {                                                        
  listen 80 default_server;
  listen [::]:80 default_server;
                                                              
  server_name azure-test-vm.southcentralus.cloudapp.azure.com; 
                                                              
  root /var/www/html;                                   
  index index.html index.htm index.nginx-debian.html;                                                          
  location / {                                                 
    try_files $uri $uri/ =404;                           
  }                                                            
}

To know more about Nginx, yo ucan checkout my previous blog post on how to setup ASP NET Core applications with Nginx.

We then remove the existing default setup by deleting the file under `` and creating a symlink to our new configuration.

sudo rm /etc/nginx/sites-enabled/default
sudo ln -s /etc/nginx/sites-available/azure-test-vm.southcentralus.cloudapp.azure.com /etc/nginx/sites-enabled/azure-test-vm.southcentralus.cloudapp.azure.com

The /sites-enabled folder is the folder scanned by nginx, therefore the recommendation is to add configuration in /sites-available and then link them into /sites-enabled so that we can remove them whenever we need to without losing them. For example, default file is still available under /sites-available for reference.

Next we reload nginx with the following command:

sudo service nginx reload

If we navigate to http://azure-test-vm.southcentralus.cloudapp.azure.com/ we should see the same result as earlier except this would be with our own simplified configuration file.

3. Install Certbot

Lastly to install HTTPS, we will use Certbot with Nginx configuration which is an implementation of the ACME protocol for Letsencrypt.

We do so by executing the following commands:

sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-nginx
sudo certbot --nginx

We follow the wizard which asks first for an email to let you know when the cert is close to expiry, then to select the server, then if you’d like to redirect HTTP to HTTPS.

Once done, we should have our server served via HTTPS http://azure-test-vm.southcentralus.cloudapp.azure.com/. If we click on the lock, we should see that our certificate is issued by Letsencrypt.

ssl

Conclusion

Today we saw how to setup HTTPS on our server for free using Letsencrypt. We started first by looking at how we could create a VM on Azure and setup a custom DNS, then we moved on to look at how to install Nginx and configure a simple server directive and finally we finished by installing a SSL cert configuration on Nginx using Certbot. Hope you like this post, see you on the next one!

Comments

Post a Comment

Popular posts from this blog

A complete SignalR with ASP Net Core example with WSS, Authentication, Nginx

SignalR with ASP Net Core SignalR is a framework from ASP NET Core allowing us to establish a two way communication between client and server. This two way communication allows the client to send messages to the server but more importantly allows the server to push messages to the client. SignalR makes use of Websocket when available else it falls back to SSE or pulling. Today we will focus on how to setup SignalR to work with WSS, Websocket secure and how we can authenticate the user requesting to connect to our SignalR hub via Webscoket. Getting started with SignalR SSL encryption for Websocket Secure WSS Websocket Authentication with Identity Server 4 SignalR behind Nginx 1. Getting started with SignalR The Hubs are the main components of SignalR. It is an abstraction of a two way communication available for both client and server. Public functions from the hub can be called from the server code and can be called from the client. The frontend NPM package @aspnet/signalr
Keep reading

Verify dotnet SDK and runtime version installed

Verify dotnet SDK and runtime version installed To check your dotnet version installed, use dotnet --info . This command will display the SDKs and runtimes installed on your system together with the path where they can be found. For example on my Windows 10 development machine, dotnet --info will yield the following: > dotnet --info .NET Core SDK (reflecting any global.json): Version: 2.1 . 301 Commit: 59524873 d6 Runtime Environment: OS Name: Windows OS Version: 10.0 . 17134 OS Platform: Windows RID: win10-x64 Base Path: C:\Program Files\dotnet\sdk\ 2.1 . 301 \ Host (useful for support): Version: 2.1 . 1 Commit: 6985 b9f684 .NET Core SDKs installed: 2.1 . 4 [C:\Program Files\dotnet\sdk] 2.1 . 201 [C:\Program Files\dotnet\sdk] 2.1 . 300 [C:\Program Files\dotnet\sdk] 2.1 . 301 [C:\Program Files\dotnet\sdk] .NET Core runtimes installed: Microsoft.AspNetCore.All 2.1 . 0 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.A
Keep reading

SDK-Style project and project.assets.json

SDK-Style project and project.assets.json Last week I encountered an issue with MSBuild while trying to run it from command line. The issue did not appear when using VisualStudio right click + build but only appeared when using msbuild.exe CLI directly with a clean project. Assets file 'C:\[...]\obj\project.assets.json' not found. Run a NuGet package restore to generate this file. When I first saw the error, few questions came to my mind which I will share today in 3 points: Overview of project.assets.json Slim SDK-Style project Mixing SDK-Style project and old projects Special shoutout to @enricosada who provided me with all the answers regarding the SDK-Style project. 1. Overview of project.assets.json project.assets.json lists all the dependencies of the project. It is created in the /obj folder when using dotnet restore or dotnet build as it implicitly calls restore before build, or msbuid.exe /t:restore with msbuild CLI. To simulate dotnet build (re
Keep reading