Complete website in Rs. 5,000 with Free Hosting & Domain. Offer ends in  00:00:00
Back to Blog

How to Get a Free Wildcard SSL Certificate for Your Nginx Server Websites

Learn how to secure your Nginx server with a free wildcard SSL certificate from Let's Encrypt. Follow step-by-step instructions, including detailed code samples, to generate, install, and automatically renew your SSL certificate with Certbot

Mar 23, 2024 Updated: Mar 23, 2024

In today’s digital landscape, website security is paramount. Securing your website with SSL (Secure Sockets Layer) encryption not only protects your users’ sensitive information but also improves your site’s SEO ranking. However, obtaining and managing SSL certificates can be costly and complex. Fortunately, Let’s Encrypt offers a free and easy solution to this problem. In this article, we’ll guide you through the process of obtaining a free wildcard SSL certificate for your Nginx server and integrating it seamlessly into your configuration files.

What is a Wildcard SSL Certificate?

A wildcard SSL certificate is a type of SSL certificate that secures a domain and all its subdomains. For example, if your main domain is example.com, a wildcard certificate will secure *.example.com, including shop.example.com, app.example.com, and so on.

Step 1: Installing Certbot

Before we can obtain our wildcard SSL certificate, we need to install Certbot, a free and open-source software tool for automatically using Let’s Encrypt certificates. Installation instructions for various platforms can be found on the Certbot website.

Step 2: Generating the Wildcard SSL Certificate

sudo certbot certonly --manual --preferred-challenges=dns --email your_email@example.com -d example.com -d www.example.com -d *.example.com

Replace your_email@example.com with your email address and example.com with your main domain. Follow the prompts to complete the DNS challenge, which verifies your ownership of the domain.

Step 3: Installing the Certificate

After successfully completing the DNS challenge, Certbot will generate the wildcard SSL certificate. The certificate files will be stored in /etc/letsencrypt/live/example.com/

Next, update your Nginx configuration file for each subdomain to use the SSL certificate:

server {
    listen 443 ssl;
    server_name shop.example.com;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    # Other SSL configurations...

    # Other site configurations...
}

Replace example.com with your main domain.

Step 4: Automating Certificate Renewal

Let’s Encrypt certificates are valid for 90 days. To ensure your certificates stay valid, set up automatic renewal by adding a cron job to run the Certbot renewal command periodically:

sudo crontab -e

Add the following line to run the renewal command twice a day:

0 */12 * * * certbot renew --quiet

Save and exit the editor. This cron job will check for certificate expiration and renew them if necessary.

Securing your Nginx server with a wildcard SSL certificate has never been easier or more affordable. By leveraging Let’s Encrypt and Certbot, you can protect your website and your users’ data without breaking the bank. Follow the steps outlined in this article to obtain, install, and automatically renew your free wildcard SSL certificate, and enjoy peace of mind knowing that your website is secure.

With these steps, you can obtain a wildcard SSL certificate for free using Let’s Encrypt’s Certbot and configure it in your Nginx server for all subdomains of your main domain.

Contact

Got A Question For Us?

Feel free to ask anything directly on call or fill the form and we will contact back within few hours.