Serving a web application over HTTPS

Much of this is adapted from DigitalOcean's How To Set Up Let's Encrypt with Nginx Server Blocks on Ubuntu 16.04.

  1. Create a DigitalOcean droplet using a "one-click apps" image for Docker on Ubuntu.
  2. Buy a domain name (I'll use in these instructions).
  3. In Dreamhost's domain settings, set "DNS only" and click "Remove" to remove web hosting. In the DNS settings for the domain, add an A record for each of and, with your droplet's IP address as the value.
  4. SSH into the droplet:
    ssh root@$DROPLET_IP_ADDRESS
  5. Replace the content of /etc/nginx/sites-available/default with the following:
    server {
  6. Restart nginx:
    systemctl reload nginx
  7. Allow incoming HTTP + HTTPS requests through the firewall:
    ufw allow 'Nginx Full'
  8. Install Certbot and the nginx plugin:
    add-apt-repository ppa:certbot/certbot
    apt-get update
    apt-get install python-certbot-nginx
  9. Use Certbot to install certificates and set up the nginx config for your domain:
    sudo certbot --nginx -d -d
  10. Enter the following into the first server block of /etc/nginx/sites-available/default, where 8081 is the web application's port that will be exposed via HTTPS:
    location / {
  11. Restart nginx:
    systemctl reload nginx
  12. Start the web application and it should now be accessible at