How to deploy with SSL?

Deploying a website with SSL (Secure Sockets Layer) involves obtaining an SSL certificate and configuring your web server to use it. Below are the steps for deploying a website with SSL on both Apache and Nginx servers.

Step 1: Obtain an SSL Certificate

You can obtain an SSL certificate from a Certificate Authority (CA) or use a free service like Let's Encrypt.

Using Let's Encrypt (Recommended for Free SSL)

1. Install Certbot:

   • On Ubuntu/Debian:

     sudo apt update
     sudo apt install certbot python3-certbot-apache  # For Apache
     sudo apt install certbot python3-certbot-nginx   # For Nginx

   • On CentOS/RHEL:

     sudo yum install epel-release
     sudo yum install certbot python2-certbot-apache  # For Apache
     sudo yum install certbot python2-certbot-nginx    # For Nginx

2. Obtain the SSL Certificate:
   Run the following command to obtain the certificate:

   sudo certbot --apache  # For Apache
   sudo certbot --nginx   # For Nginx

   Follow the prompts to complete the certificate issuance process.

Step 2: Configure Your Web Server

For Apache

1. Edit the Virtual Host Configuration:
   Open your Apache configuration file (e.g., /etc/apache2/sites-available/your_website.conf):

   sudo nano /etc/apache2/sites-available/your_website.conf

2. Add SSL Configuration:
   Ensure your configuration includes the following:

   <VirtualHost *:80>
       ServerName your_domain.com
       Redirect permanent / https://your_domain.com/
   </VirtualHost>
   
   <VirtualHost *:443>
       ServerName your_domain.com
       DocumentRoot /var/www/html/
       SSLEngine on
       SSLCertificateFile /etc/letsencrypt/live/your_domain.com/fullchain.pem
       SSLCertificateKeyFile /etc/letsencrypt/live/your_domain.com/privkey.pem
   </VirtualHost>

3. Enable the SSL Module and Restart Apache:

   sudo a2enmod ssl
   sudo systemctl restart apache2

For Nginx

1. Edit the Server Block Configuration:
   Open your Nginx configuration file (e.g., /etc/nginx/conf.d/your_website.conf):

   sudo nano /etc/nginx/conf.d/your_website.conf

2. Add SSL Configuration:
   Ensure your configuration includes the following:

   server {
       listen 80;
       server_name your_domain.com;
       return 301 https://$host$request_uri;
   }
   
   server {
       listen 443 ssl;
       server_name your_domain.com;
   
       ssl_certificate /etc/letsencrypt/live/your_domain.com/fullchain.pem;
       ssl_certificate_key /etc/letsencrypt/live/your_domain.com/privkey.pem;
   
       root /usr/share/nginx/html/;
       index index.html index.htm;
   }

3. Test the Configuration and Restart Nginx:

   sudo nginx -t
   sudo systemctl restart nginx

Step 3: Verify SSL Installation

1. Check SSL Certificate:
   Open a web browser and navigate to https://your_domain.com. You should see a padlock icon in the address bar, indicating that the connection is secure.

2. Use Online Tools:
   You can also use online tools like SSL Labs to check your SSL configuration and ensure everything is set up correctly.

Conclusion

By following these steps, you can successfully deploy a website with SSL on both Apache and Nginx servers. This ensures that your website traffic is encrypted and secure. Remember to renew your SSL certificate periodically, especially if you are using Let's Encrypt, which issues certificates that expire every 90 days.