# 07. Generate SSL Free Let's Encrypt Nginx dengan Certbot

### Update Snap Core dan Refresh Database

Untuk install core snap, login terlebih dahulu ke vps

[![Screenshot 2023-10-19 at 03.46.28.png](https://book.najamudinridha.com/uploads/images/gallery/2023-10/scaled-1680-/screenshot-2023-10-19-at-03-46-28.png)](https://book.najamudinridha.com/uploads/images/gallery/2023-10/screenshot-2023-10-19-at-03-46-28.png)

kemudian jalankan perintah berikut :

```bash
sudo snap install core; sudo snap refresh core
```

[![Screenshot 2023-10-19 at 03.48.05.png](https://book.najamudinridha.com/uploads/images/gallery/2023-10/scaled-1680-/screenshot-2023-10-19-at-03-48-05.png)](https://book.najamudinridha.com/uploads/images/gallery/2023-10/screenshot-2023-10-19-at-03-48-05.png)

tunggu proses selesai seperti berikut ini

[![Screenshot 2023-10-19 at 03.48.56.png](https://book.najamudinridha.com/uploads/images/gallery/2023-10/scaled-1680-/screenshot-2023-10-19-at-03-48-56.png)](https://book.najamudinridha.com/uploads/images/gallery/2023-10/screenshot-2023-10-19-at-03-48-56.png)

### Remove Certbot Lama dengan APT

setelah snap certbot terinstall, remove certbot lama yang terinstall di apt dengan perintah

```bash
sudo apt remove certbot
```

[![Screenshot 2023-10-19 at 03.49.12.png](https://book.najamudinridha.com/uploads/images/gallery/2023-10/scaled-1680-/screenshot-2023-10-19-at-03-49-12.png)](https://book.najamudinridha.com/uploads/images/gallery/2023-10/screenshot-2023-10-19-at-03-49-12.png)

### Install Certbot dengan Ubuntu Snap

untuk install certbot via snap jalankan perintah berikut

```bash
sudo snap install --classic certbot
```

[![Screenshot 2023-10-19 at 03.50.22.png](https://book.najamudinridha.com/uploads/images/gallery/2023-10/scaled-1680-/screenshot-2023-10-19-at-03-50-22.png)](https://book.najamudinridha.com/uploads/images/gallery/2023-10/screenshot-2023-10-19-at-03-50-22.png)

tunggu hingga proses selesai dan lakukan symlink certbot di folder snap ke usr dengan perintah berikut :

```bash
sudo ln -s /snap/bin/certbot /usr/bin/certbot
```

[![Screenshot 2023-10-19 at 03.51.18.png](https://book.najamudinridha.com/uploads/images/gallery/2023-10/scaled-1680-/screenshot-2023-10-19-at-03-51-18.png)](https://book.najamudinridha.com/uploads/images/gallery/2023-10/screenshot-2023-10-19-at-03-51-18.png)

### Install SSL dengan Certbot Nginx

untuk install ssl let's encrypt dengan certbot di nginx, jalankan perintah berikut :

```bash
sudo certbot --nginx -d idrive.id -d www.idrive.id -d jurnal.idrive.id -d www.jurnal.idrive.id
```

[![Screenshot 2023-10-19 at 03.53.05.png](https://book.najamudinridha.com/uploads/images/gallery/2023-10/scaled-1680-/screenshot-2023-10-19-at-03-53-05.png)](https://book.najamudinridha.com/uploads/images/gallery/2023-10/screenshot-2023-10-19-at-03-53-05.png)

lakukan pengecekan pada nginx virtualhost, ada perubahan config seperti berikut ini managed by certbot

[![Screenshot 2023-10-19 at 03.54.08.png](https://book.najamudinridha.com/uploads/images/gallery/2023-10/scaled-1680-/screenshot-2023-10-19-at-03-54-08.png)](https://book.najamudinridha.com/uploads/images/gallery/2023-10/screenshot-2023-10-19-at-03-54-08.png)

### Cek Snap Certbot Renew

untuk melakukan pengecekan apakah certbot autorenew berjalan dengan baik jalankan perintah berikut :

```bash
sudo systemctl status snap.certbot.renew.service
```

[![Screenshot 2023-10-19 at 03.55.01.png](https://book.najamudinridha.com/uploads/images/gallery/2023-10/scaled-1680-/screenshot-2023-10-19-at-03-55-01.png)](https://book.najamudinridha.com/uploads/images/gallery/2023-10/screenshot-2023-10-19-at-03-55-01.png)

### Testing Renew SSL Certbot Dry-Run

anda dapat melakukan testing renew sertifikat ssl anda dengan perintah berikut untuk simulasi :

```bash
sudo certbot renew --dry-run
```

[![Screenshot 2023-10-19 at 03.56.07.png](https://book.najamudinridha.com/uploads/images/gallery/2023-10/scaled-1680-/screenshot-2023-10-19-at-03-56-07.png)](https://book.najamudinridha.com/uploads/images/gallery/2023-10/screenshot-2023-10-19-at-03-56-07.png)

jika sudah terinstall, coba akses domain apakah sudah diarahkan ke https seperti gambar berikut

[![Screenshot 2023-10-19 at 04.14.43.png](https://book.najamudinridha.com/uploads/images/gallery/2023-10/scaled-1680-/screenshot-2023-10-19-at-04-14-43.png)](https://book.najamudinridha.com/uploads/images/gallery/2023-10/screenshot-2023-10-19-at-04-14-43.png)

<iframe allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" allowfullscreen="allowfullscreen" frameborder="0" src="https://www.youtube.com/embed/kAwuD3tcz_w?si=bvdtfmbkGEr6gq9w" style="width: 100%; aspect-ratio: 16/10;" title="YouTube video player"></iframe>