Let’s Encrypt free ssl

Step 1. Install Let’s Encrypt Client

sudo apt-get update
sudo apt-get install python-letsencrypt-apache

Step 2. Setup SSL Certificate

sudo letsencrypt --apache -d example.com -d www.example.com

Step 3. Confirm and backup your cert and keys (private and public)
Your certificate and chain will be storated at

cat /etc/letsencrypt/live/example.com/fullchain.pem

Step 4. Verify apache https .conf

<VirtualHost *:443>
...
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>

Step 5. Setup auto renewal
For manual method to renew

sudo letsencrypt renew

use crontab to setup auto renewal

sudo crontab -e
59 1 * * 7 /usr/bin/letsencrypt renew >> /var/log/le-renew.log

Finally test your SSL
https://www.ssllabs.com/ssltest

 

Troubleshooting

systemctl status apache2.service

Leave a Comment

Your email address will not be published. Required fields are marked *