Using LetsEncrypt for SSL/TLS

See LetsEncrypt for more information.

Create the certificates (use your domain names)

certbot certonly --webroot -w /mnt/www/letsEncrypt/ -d example.com -d www.example.com -d thing.example.com

Update NGINX config

nano /etc/nginx/nginx.conf

# un-comment the SSL listen line
  listen 443 ssl http2;


# un-comment and edit the SSL certificate lines
  ssl_certificate     /etc/letsencrypt/live/example.com/chain.pem;
  ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
  add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";

Reload NGINX

/etc/init.d/nginx reload