How long do Let's Encrypt certificates last?
Certificates expire after 90 days. Certbot sets up automatic renewal by default (runs twice daily via cron). Test renewal with sudo certbot renew --dry-run to ensure it will work when needed.
Verify This Answer
Cross-check this information using these trusted sources:
More FAQs in Adding SSL with Let's Encrypt on EC2 Free HTTPS for Your Node.js App
Install certbot (sudo apt install certbot python3-certbot-nginx), ensure your domain points to your EC2 IP, then run sudo certbot --nginx -d yourdomain.com. Certbot obtains the certificate and configures Nginx automatically.
Set secure: true (HTTPS only), httpOnly: true (no JS access), and sameSite: 'none' if frontend and backend are on different domains (requires secure: true). Use sameSite: 'lax' if they're on the same domain.
Check that your DNS A record points to the correct EC2 public IP, wait for DNS propagation (up to 24 hours), ensure Nginx is running and the server_name matches the domain, and verify port 80 is open in your security group.
Still have questions?
Browse all our FAQs or reach out to our support team
