HTTPS is the secure form of the Hypertext Transfer Protocol (HTTP). It employs the SSL/TLS protocol for encryption and authentication, ensuring secure communication between the web server and the browser. This protocol encrypts HTTP requests and responses to prevent unauthorized access to the information exchanged between your browser and the web server. Without HTTPS, someone can intercept and steal sensitive information from your website visitors, including login credentials and credit card details. After installing Apache or Nginx on Ubuntu 24.04, the service will only run on port 80 by default. To enable HTTPS protocol on Ubuntu 24.04, we need to configure Apache or Nginx to listen on port 443 and install an SSL certificate. In this article, we will show you how to enable the HTTPS protocol on Ubuntu 24.04.
Table of Contents
Prerequisites
- An Ubuntu 24.04 server
- SSH access with sudo privileges, or root access
- A domain or subdomain already pointing to your server
Conventions
# – given commands should be executed with root privileges either directly as a root user or by use of sudo command
$ – given commands should be executed as a regular userStep 1. Update the System
First of all, we need to log in to our Debian 10 VPS through SSH:
ssh root@IP_Address -p Port_numberReplace “root” with a user that has sudo privileges or root if necessary. Additionally, replace “IP_Address” and “Port_Number” with your server’s respective IP address and SSH port number. Next, let’s make sure that we’re on Ubuntu 24.04. You can verify it with this command:
# lsb_release -aYou should get this as the output:
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 24.04.3 LTS
Release: 24.04
Codename: nobleThen, run the following command to make sure that all installed packages on the server are updated to their latest available versions:
# apt update Step 2. Install Web Server
Please select one of the web servers, Apache or Nginx.
Apache
To install Apache, run the command:
# apt install apache2Nginx
To install nginx, run the command:
# apt install nginxWhatever web server you choose to install will run automatically during installation.
Step 3. Create Virtual Host
Apache
If you want to run Apache as the web server, let’s complete this step.
# nano /etc/apache2/sites-available/yourdomain.com.confInsert the following into the file.
<VirtualHost *:80>
ServerAdmin admin@yourdomain.com
ServerName yourdomain.com
ServerAlias www.yourdomain.com
DocumentRoot /var/www/html/yourdomain.com
ErrorLog ${APACHE_LOG_DIR}/yourdomain.com.error.log
CustomLog ${APACHE_LOG_DIR}/yourdomain.com.access.log combined
</VirtualHost>Please make sure to replace yourdomain.com with your actual domain name pointing to the server. Save the file, then exit from the editor. Now, let’s enable the virtual host and restart Apache.
# a2ensite yourdomain.com# systemctl restart apache2Nginx
If you want to use nginx, skip the steps above and complete the following instead.
# nano /etc/nginx/conf.d/yourdomain.com.confInsert the following into that file.
server {
listen 80;
root /var/www/html/yourdomain.com;
index index.html;
server_name yourdomain.com www.yourdomain.com;
location / {
try_files $uri $uri/ =404;
}
}Please make sure to replace yourdomain.com with your actual domain name pointing to the server. Save the file, exit from the editor, then restart nginx.
# systemctl restart nginxStep 4. Install Certbot
Certbot is a tool to obtain SSL certificates from Let’s Encrypt and optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol. To install Certbot on Ubuntu 24.04, we need to install:
If your server is running Apache
# apt install python3-certbot-apacheIf your server is running nginx
# apt install python3-certbot-nginxStep 5. Enable HTTPS Protocol
Apache
If you are using Apache, we need to enable the SSL module first, because it’s not enabled by default. Let’s execute the command below to enable the SSL module.
# a2enmod sslTo apply the changes, we need to restart Apache.
# systemctl restart apache2That’s it, the Apache SSL module has been enabled. Whether you are running Apache or nginx, you can execute the command below to enable the HTTPS protocol and generate an SSL certificate for your domain/subdomain.
# certbotThe command above prompts you to select the web server you use.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices)
(Enter 'c' to cancel): you@yourdomain.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.5-February-24-2025.pdf. You must
agree in order to register with the ACME server. Do you agree?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: y
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: n
Account registered.
How would you like to authenticate and install certificates?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Apache Web Server plugin (apache)
2: Nginx Web Server plugin (nginx)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel):Simply type 1 or 2, then hit ENTER. You will be asked to type the domain name, and the SSL certificate will be issued.
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Please enter the domain name(s) you would like on your certificate (comma and/or
space separated) (Enter 'c' to cancel): yourdomain.com
Requesting a certificate for yourdomain.com
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/yourdomain.com/fullchain.pem
Key is saved at: /etc/letsencrypt/live/yourdomain.com/privkey.pem
This certificate expires on 2026-02-06.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
Deploying certificate
Successfully deployed certificate for yourdomain.com to /etc/nginx/conf.d/yourdomain.com.conf
Congratulations! You have successfully enabled HTTPS on https://yourdomain.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Bringing it all together
That’s it! The SSL certificate for yourdomain.com has been issued, and the HTTPS protocol should work properly on your domain/subdomain now.
Of course, you don’t have to install the HTTPS Protocol on Ubuntu 24.04 if you use one of our managed VPS Hosting services, in which case you can simply ask our expert Linux admins to install the HTTPS Protocol on Ubuntu 24.04 for you. They are available 24×7 and will address your request immediately. Managing a website is not just about installation; we can help you optimize your website if you have an active service with us.
If you liked this post on installing HTTPS Protocol on Ubuntu 24.04, please share it with your friends or leave a comment below.