Bobcares
Client Area
Emergency Support
DigitalOcean | Latest

Easy way to install SSL on DigitalOcean Droplet

by | Mar 20, 2020

Do you want to install SSL on the DigitalOcean Droplet?

SSL certificate encrypts the sensitive information sent over the Internet, thereby ensuring trust to the website visitors.

DigitalOcean allows the users to add new self-signed certificates or to upload an already existing certificate to it.

At Bobcares, we often get requests to install SSL on DigitalOcean droplets, as a part of our DigitalOcean Managed Services.

Today, our Support Engineers will give a quick guide on how we do it.

 

Different options to install SSL on DigitalOcean

The SSL certificates allow web servers to encrypt the traffic. Additionally, it provides a way to validate server identity to visitors.

The DigitalOcean control panel allows its users to either add a new certificate from Let’s Encrypt or upload an existing certificate.

Now we’ll have a look at the certificate providers.

 

Let’s Encrypt

Let’s Encrypt is a free and trusted certificate provider. DigitalOcean allows us to automatically add a certificate to the domain. This is a self-signed certificate.

These certificates are valid for just 90 days. Afterward, the user can renew it. Hence small website owners often opt for the self-signed certificate.

 

Paid SSL

But, larger website owners with higher traffic prefer paid certificates that have extended validity. The major advantage of a paid SSL certificate is that it doesn’t show a warning message to the website visitors.

Some popular certificate providers include GoDaddy, Namecheap, etc.

 

How to install SSL on a Droplet?

Now we will see the steps to add the free SSL certificate from Let’s Encrypt and paid certificate from other CAs.

 

Using Let’s Encrypt to secure the domain

Let’s Encrypt provides free SSL for domains. DigitalOcean does support this, but the DNS must be with them. So a user can use free SSL if the nameservers of the domain are with DigitalOcean.

To change the nameservers, the domain owners can contact the registrar. Now let’s see the steps to add the Let’s Encrypt certificate for the domain.

  1. First login to the DigitalOcean control panel. Here select ACCOUNT >> Security from the side panel.
  2. Next under the section Certificates choose the tab Add Certificate. Here select the tab Use Let’s Encrypt and add the domain from the list.
  3. If the domain is not listed click on + Add new domain. This shows a warning to change the nameservers. So click Yes and continue.
  4. Next enter the domain name and subdomain if any. Also, provide a name for the certificate.
  5. Finally, click on the Generate certificate.

The Add Certificate window appears as,

Install SSL on DigitalOcean Droplet

Adding already existing certificate

Some users will already have paid certificates for their domain. In this case, other providers can manage the DNS. In such cases, we can add them to the DigitalOcean droplet. Let’s see the steps for this.

  1. First, select the option Add Certificate from the Security option as before. Here, we select the tab Bring your own certificate.
  2. Now add the Name for the certificate.
  3. Next, paste the public key in the Certificate option.
  4. Then paste the Private key and Certificate chain respectively.
  5. Finally, Save the SSL Certificate.

Now we have the certificates added to the DigitalOcean in either of the ways. Next, we have to force the HTTP connection to HTTPS. Usually, we check the web server and modify the rewrite rule accordingly.

 

[Need assistance in managing DigitalOcean droplet? – We can help you.]

 

Conclusion

So far we saw the ways to install SSL on DigitalOcean Droplet. SSL enables HTTPS protocol which secures the connection between a browser and a web server. Today we saw how our Support Engineers do this.

Related posts:

  1. DigitalOcean Kubernetes backup | Guide
  2. Digitalocean ASN VPN: Setup Guide
  3. Digitalocean Ingress Load Balancer: A Complete Guide
  4. Allow Ping Digitalocean Droplet: How to?

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

6 Comments

  2. Kaashi
    Kaashi on 2021-02-18 at 00:11

    Hi

    Recently i changed my hosting Namecheap to digital ocean. While installing droplet i forgot to install SSL.

    Then am searching for solution. Them i found you. Now it’s easy task for me

    Thank’f for the information

    Reply
  3. Sam
    Sam on 2021-07-13 at 20:57

    I used this method but the SSL certificate didn’t work for the website. When I checked with Digitalocean, they said this feature is for the SSL for the droplet only, not the website.
    The website SSL should be installed from elsewhere. Can you please tell us where should we access to install it? How long does it take to be installed?

    Reply
  4. Ankit
    Ankit on 2022-03-15 at 20:15

    I have followed the steps but its saying “Failed to validate nameserver records: a non DigitalOcean Name Server was found for the domain.”

    Please suggest

    Reply
    • Hiba Razak
      Hiba Razak on 2022-07-12 at 13:02

      Hi,
      Please contact our support team via live chat

      Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

Bobcares

Use your time to build great apps. Leave your servers to us.

Managing a server is time consuming. Whether you are an expert or a newbie, that is time you could use to focus on your product or service. Leave your server management to us, and use that time to focus on the growth and success of your business.

TALK TO US Or click here to learn more.

Related Articles

  1. DigitalOcean Kubernetes backup | Guide
  2. Digitalocean ASN VPN: Setup Guide
  3. Digitalocean Ingress Load Balancer: A Complete Guide
  4. Allow Ping Digitalocean Droplet: How to?

Never again lose customers to poor
server speed! Let us help you.

GET STARTED

Privacy Preference Center

Consent Management

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience.

Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

Privacy Policy

Required
By using this site, you agree to our Privacy Policy.

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

Cookies Used

Required
PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]

livechat.bobcares.com

Opt Out
PHPSESSID

my.bobcares.com

Opt Out
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

Cookies Used

_ga, _gat, _gid

google.com

Opt Out
_ga, _gat, _gid

manager.smartlook.com

Opt Out
smartlookCookie

clarity.microsoft.com

Opt Out
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

Cookies Used

IDE, test_cookie, 1P_JAR, NID, DV, NID

doubleclick.net

Opt Out
IDE, test_cookie

google.co.in

Opt Out
1P_JAR, NID, DV

google.com

Opt Out
NID

olark.com

Opt Out
hblid

rb2b.com

Opt Out
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

Cookies Used

SID, APISID, HSID, NID, PREF

google.com

Opt Out
SID, APISID, HSID, NID, PREF