How To Install Let’s Encrypt SSL on Ubuntu Server 22.04 for Apache or Nginx
Let’s Encrypt is an open, automated certificate authority (CA) provided by Internet Security Research Group (ISRG) so that users can enable secure connection (https) on their websites for free, without hassle.
In this tutorial we will demonstrate the way to install LetsEncrypt on your Ubuntu server using certbot — an open-source tool for installing Let’s Encrypt certificates.
Pre-requisites to Install Certbot and Let’s Encrypt on Linux Server
The only prerequisite is to have ssh access with a root-privileged account on Ubuntu server with public internet access.
5 Easy Steps to Install Let’s Encrypt Certificate on Ubuntu Server 22.04 using Certbot
Step 1: Update System
Execute the following command to update your ubuntu server with the most updated packages.
root@localhost:~$ apt update -y
Step 2: Install Certbot
The following command will install certbot on your system.
root@localhost:~$ apt install certbot -y
Step 3: Install Certbot plugin for Apache or Nginx
If you are using Apache webserver then use the following command to install the respective certbot plugin for Apache.
root@localhost:~$ apt install python3-certbot-apache -y
If you are using Nginx, then use this command:
root@localhost:~$ apt install python3-certbot-nginx -y
Step 4: Generate Let’s Encrypt SSL using Certbot
It’s time to generate your free ssl!
Command for Apache users:
root@localhost:~$ certbot --apache -d your.domain.tld
Command for Nginx users:
root@localhost:~$ certbot --nginx -d your.domain.tld
Sample Output:
root@localhost:~$ certbot --apache -d mydev.netshop-isp.com.cy
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for mydev.netshop-isp.com.cy
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/my.netshop-isp.com.cy/fullchain.pem
Key is saved at: /etc/letsencrypt/live/my.netshop-isp.com.cy/privkey.pem
This certificate expires on 2024-06-01.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.Deploying certificate
Successfully deployed certificate for admin.digibot.trade to /etc/apache2/sites-enabled/000-default-le-ssl.conf
Congratulations! You have successfully enabled HTTPS on https://my.netshop-isp.com.cy
We were unable to subscribe you the EFF mailing list because your e-mail address appears to be invalid. You can try again later by visiting https://act.eff.org.- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Step 5. Restart Web Server
Last step is to restart our web server so that the new configuration with SSL enabled are applied.
If you are using Apache then use this command:
root@localhost:~$ systemctl restart apache2
or the following command for Nginx web server:
root@localhost:~$ systemctl restart nginx
Congratulations! Your website is now secure with Free Let’s Encrypt SSL!