Install Let's Encrypt SSL on Ubuntu with Apache or Nginx
source link: https://www.vultr.com/docs/setup-letsencrypt-on-linux
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Using a Different System?
- Let's Encrypt on cPanel
- Let's Encrypt on Plesk
- Installing Let's Encrypt on DirectAdmin
- Using Let's Encrypt on OpenBSD 6.1
- Install Nginx, Wordpress and Let's Encrypt in Minutes With EasyEngine on Debian 8 or Ubuntu 16.04
- How to Install Let's Encrypt SSL on CentOS 7 Running Apache Web Server
- Install Let's Encrypt SSL on One-Click WordPress
- How to Configure a Let's Encrypt TLS Certificate for Windows Remote Desktop
- Wildcard Let's Encrypt SSL for One-Click LAMP
- Install a Free Let's Encrypt TLS/SSL Certificate on a CentOS 7 LEMP Server with Certbot
- Use a Wildcard Let's Encrypt Certificate with Vultr Load Balancer
Introduction
Let’s Encrypt is an automated, open certificate authority that offers free TLS/SSL certificates for the public’s benefit. The service is provided by the Internet Security Research Group (ISRG). This tutorial shows how to install a Let's Encrypt SSL certificate on an Ubuntu 20.04 server with either Apache or Nginx using the Certbot installation wizard. After completing this tutorial, the server will have a valid certificate and redirect all HTTP requests to HTTPS.
Prerequisites
This tutorial assumes that you have deployed a Vultr Ubuntu server with Apache or Nginx, have a domain name pointing to your server IP address, and you are logged in as root.
1. Install Certbot
Install Certbot with Snap.
Verify snapd is up to date.
$ sudo snap install core; sudo snap refresh core
Remove
certbot-auto
and any Certbot OS packages.$ sudo apt-get remove certbot
Install Certbot with Snap.
$ sudo snap install --classic certbot
Link Certbot to
/usr/bin
.$ sudo ln -s /snap/bin/certbot /usr/bin/certbot
2. Install Certificate
Run certbot
to install the certificate. Full examples are below, here are descriptions of the command line options:
--apache
- Use the Apache web server
--nginx
- Use the nginx web server
--redirect
- Redirect all HTTP requests to HTTPS.
-d example.com -d www.example.com
- Install a multiple domain (SAN) certificate. You may use up to 100 -d domain entries.
-
- The notification email address for this certificate.
--agree-tos
- Agree to the terms of service.
Use certbot --help
for more information. See the Certbot FAQ for more information about SAN certificates.
Example: Apache
Run Certbot for Apache.
# certbot --apache --redirect -d example.com -d www.example.com -m [email protected] --agree-tos
Example: Nginx
Before running Certbot, make sure server_name is set properly. Edit your Nginx configuration:
# nano /etc/nginx/conf.d/default.conf
Update server_name to include your domain name.
server { server_name example.com www.example.com;
Save and exit the file.
Run Certbot for Nginx.
# certbot --nginx --redirect -d example.com -d www.example.com -m [email protected] --agree-tos
3. Verify Automatic Renewal
Let's Encrypt certificates are valid for 90 days. The Certbot wizard updates the systemd timers and crontab to automatically renew your certificate.
Verify the timer is active.
# systemctl list-timers | grep 'certbot\|ACTIVATES'
Verify the crontab entry exists.
# ls -l /etc/cron.d/certbot
Verify the renewal process works with a dry run.
# certbot renew --dry-run
Summary
Installing a free Let's Encrypt certificate is simple with Certbot. For more information, see the official Certbot installation documentation.
Want to contribute?
You could earn up to $600 by adding new articles
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK