Let’s Encrypt is a free and open Certificate Authority (CA) that provides free digital certificates for enabling HTTPS (HTTP Secure) on websites. HTTPS uses the SSL/TLS protocol to encrypt communications so that attackers can’t steal data.
The goal of Let’s Encrypt is to offer free alternatives and make it easier for site owners to obtain and install SSL/TLS certificates, ensuring secure communication between their websites and users.
Today, you will learn how to use Let’s Encrypt client – certbot with Apache to obtain a free SSL certificate for your websites. By following this step-by-step guide, you’ll be able to secure your website with HTTPS, ensuring the protection of sensitive data and improving user trust.
Table of Contents
- An Ubuntu 22.04 VPS
- SSH root access or regular system user with sudo privileges
Step 1: Update the System
Before we begin, let’s make sure our system is up to date. Open a terminal and run the following commands:
# apt-get update # apt-get upgrade
Step 2. Install Apache and enable the SSL module
If you don’t already have Apache installed, you should run the following command to install the Apache server.
# apt install apache2
Once installed, you can check if the Apache service is running with:
# systemctl status apache2
You should receive similar output confirming that the Apache service is running:
● apache2.service - The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled) Active: active (running) since Thu 2023-06-22 12:17:52 UTC; 2min 16s ago Docs: https://httpd.apache.org/docs/2.4/ Process: 2807 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS) Main PID: 2812 (apache2) Tasks: 55 (limit: 1141) Memory: 6.0M CPU: 35ms CGroup: /system.slice/apache2.service ├─2812 /usr/sbin/apache2 -k start ├─2813 /usr/sbin/apache2 -k start └─2814 /usr/sbin/apache2 -k start
You can now check which Apache modules are installed with the command apachectl -M. To check if the SSL module is installed, we can run the following:
# apachectl -M | grep ssl
If you don’t receive any output, this means the module is missing, and it can be installed using the command:
# a2enmod ssl
Then, you can go ahead and restart the apache service and continue with the certbot installation.
# systemctl restart apache2
Step 2: Install Certbot
Certbot is the Let’s Encrypt client that makes obtaining and installing SSL/TLS certificates easier. Now, you can install Certbot by running the following command:
# apt install certbot python3-certbot-apache
Step 5: Obtain and Install the Certificate
Now, it’s time to obtain and install the Let’s Encrypt certificate for your domain. Replace example.com with your actual domain name in the following command:
# certbot --apache -d example.com
Certbot will guide you through the process and prompt you to agree to the terms of service and provide an email address for renewal notifications.
You can also just use the command:
# certbot –apache
You can also simply use the command certbot –apache menu without any options to obtain or renew SSL certificates for all domains or only select specific domains for which to obtain/renew certificates. You will be asked to confirm the terms of services, and then you will be asked
“Which names would you like to activate HTTPS for?” 1. Domain1.com 2. Domain2.com 3. Domain3.com
Once you select the domain, Let’s Encrypt will try to obtain and install an SSL certificate for that domain.
Step 6: Automatic Certificate Renewal
Let’s Encrypt certificates are valid for 90 days. It’s crucial to set up automatic certificate renewal to ensure continuous encryption. Fortunately, Certbot makes this process easy. Run the following command to configure the renewal cron job:
# certbot renew --dry-run
The –dry-run flag allows Certbot to simulate the renewal process without actually modifying any certificates. This step ensures everything is set up correctly before the renewal is enabled.
Step 7: Verify HTTPS Configuration
Once the certificate installation and renewal setup are complete, it’s important to verify that your website is now accessible via HTTPS. Open a web browser and navigate to your domain (e.g., https://example.com). You should see a secure connection with a padlock icon in the address bar.
Conclusion: Congratulations! You have successfully installed Let’s Encrypt with Apache on Ubuntu 22.04. By following this tutorial, you have secured your website with HTTPS, enhancing the security and trustworthiness of your online presence. Remember to regularly check the certificate’s expiration and renew it when needed to maintain continuous encryption.
If you find this setup difficult or do not know how to install Let’s Encrypt with Apache on Ubuntu 22.04, you can always contact our technical support. We are available 24/7 via live chat or support tickets. All you have to do is to sign up for one of our Linux VPS hosting plans and submit a support ticket. Our admins will reply to you in no time!
If you liked this post about installing Let’s Encrypt with Apache on Ubuntu 22.04, please share it with your friends on social networks or simply leave a reply below.