Step 1 — Installing Certbot
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-nginx
for ubuntu 20.4: sudo apt-get install python3-certbot-nginx
Step 2 — Setting up Nginx
At first need to update nginx configuration in /etc/nginx/sites-available/example.comserver_name example.com www.example.com;
Please follow the configuration option in http://toihid.com/domain-pointing-to-digital-ocean-nginx/
sudo nginx -t
sudo systemctl reload nginx
Step 3 — Allowing HTTPS Through the Firewall
sudo ufw status
sudo ufw allow 'Nginx Full'
sudo ufw delete allow 'Nginx HTTP'
sudo ufw status
Step 4 — Obtaining an SSL Certificate
sudo certbot --nginx -d example.com -d www.example.com
Step 5 — Verifying Certbot Auto-Renewal
sudo certbot renew --dry-run
More details in https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04