Step 1. Install Let’s Encrypt Client
sudo apt-get update
sudo apt-get install python-letsencrypt-apache
Step 2. Setup SSL Certificate
sudo letsencrypt --apache -d example.com -d www.example.com
Step 3. Confirm and backup your cert and keys (private and public)
Your certificate and chain will be storated at
cat /etc/letsencrypt/live/example.com/fullchain.pem
Step 4. Verify apache https .conf
<VirtualHost *:443>
...
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
Step 5. Setup auto renewal
For manual method to renew
sudo letsencrypt renew
use crontab to setup auto renewal
sudo crontab -e
59 1 * * 7 /usr/bin/letsencrypt renew >> /var/log/le-renew.log
Finally test your SSL
https://www.ssllabs.com/ssltest
Troubleshooting
systemctl status apache2.service