Knowledgebase

  1. Portal Home
  2. Knowledgebase
  3. Operating Systems
  4. Linux Guides
  5. Install Let's Encrypt SSL on Ubuntu with Apache or Nginx

  Categories

23
Accounts
 16
App Platform
 8
Backups
 7
Billing
 4
Connectivity Troubleshooting
 148
Data Management
 1
Ddos
 197
Development
 13
DNS
 41
Game Servers
 5
Hosting Packages
 97
Infrastructure
 6
IPv6
 48
Kubernetes
 11
Load Balancers
 34
Machine Learning
 10
MongoDB
 1
Monitoring
 21
MySQL
 14
Networking
 1039
Operating Systems
 21
PostgreSQL
 1
Private Internet Guardian (VPN)
 1
Products
 7
Redis
 100
Reference Guides
 4
Resellers
 6
Reserved IPs
 86
Server
 322
Server Apps
 7
Site Management Tools
 1
SnapShooter
 16
Snapshots
 3
Spaces
 4
SSH Troubleshooting
 5
SSL
 2
Streaming and Broadcasting
 23
Support Plans FAQ
 2
Teams
 6
Third-Party Applications
 5
Volumes
 1
VPC
 2
Windows Security

  Categories

  Support

  My Support Tickets   Announcements   Knowledgebase   Downloads   Network Status   Open Ticket

Install Let's Encrypt SSL on Ubuntu with Apache or Nginx Print

  • 0

Introduction

Let's Encrypt is an automated, open certificate authority that offers free TLS/SSL certificates for the public's benefit. The service is provided by the Internet Security Research Group (ISRG). This tutorial shows how to install a Let's Encrypt SSL certificate on an Ubuntu 20.04 server with either Apache or Nginx using the Certbot installation wizard. After completing this tutorial, the server will have a valid certificate and redirect all HTTP requests to HTTPS.

Prerequisites

This tutorial assumes that you have deployed a Rcs Ubuntu server with Apache or Nginx, have a domain name pointing to your server IP address, and you are logged in as root.

1. Install Certbot

The recommended installation method for Certbot is with Snap.

  1. Verify snapd is up to date.

     $ sudo snap install core; sudo snap refresh core

  2. Remove certbot-auto and any Certbot OS packages.

     $ sudo apt-get remove certbot

  3. Install Certbot with Snap.

     $ sudo snap install --classic certbot

  4. Link Certbot to /usr/bin.

     $ sudo ln -s /snap/bin/certbot /usr/bin/certbot

2. Install Certificate

Run certbot to install the certificate. Full examples are below, here are descriptions of the command line options:

  • --apache: Use the Apache web server
  • --nginx: Use the nginx web server
  • --redirect: Redirect all HTTP requests to HTTPS.
  • -d example.com -d www.example.com: Install a multiple domain (SAN) certificate. You may use up to 100 -d domain entries.
  • -m admin@example.com: The notification email address for this certificate.
  • --agree-tos: Agree to the terms of service.

Use certbot --help for more information. See the Certbot FAQ for more information about SAN certificates.

Example: Apache

Run Certbot for Apache.

# certbot --apache --redirect -d example.com -d www.example.com -m admin@example.com --agree-tos

Example: Nginx

  1. Before running Certbot, make sure server_name is set properly. Edit your Nginx configuration:

     # nano /etc/nginx/conf.d/default.conf

  2. Update server_name to include your domain name.

     server {
     server_name  example.com www.example.com;

  3. Save and exit the file.

  4. Run Certbot for Nginx.

     # certbot --nginx --redirect -d example.com -d www.example.com -m admin@example.com --agree-tos

3. Verify Automatic Renewal

Let's Encrypt certificates are valid for 90 days. The Certbot wizard updates the systemd timers and crontab to automatically renew your certificate.

  1. Verify the timer is active.

     # systemctl list-timers | grep 'certbot\|ACTIVATES'

  2. Verify the crontab entry exists.

     # ls -l /etc/cron.d/certbot

  3. Verify the renewal process works with a dry run.

     # certbot renew --dry-run

Summary

Installing a free Let's Encrypt certificate is simple with Certbot. For more information, see the official Certbot installation documentation.

Introduction Let's Encrypt is an automated, open certificate authority that offers free TLS/SSL certificates for the public's benefit. The service is provided by the Internet Security Research Group (ISRG). This tutorial shows how to install a Let's Encrypt SSL certificate on an Ubuntu 20.04 server with either Apache or Nginx using the Certbot installation wizard. After completing this tutorial, the server will have a valid certificate and redirect all HTTP requests to HTTPS. Prerequisites This tutorial assumes that you have deployed a Rcs Ubuntu server with Apache or Nginx, have a domain name pointing to your server IP address, and you are logged in as root. 1. Install Certbot The recommended installation method for Certbot is with Snap. Verify snapd is up to date. $ sudo snap install core; sudo snap refresh core Remove certbot-auto and any Certbot OS packages. $ sudo apt-get remove certbot Install Certbot with Snap. $ sudo snap install --classic certbot Link Certbot to /usr/bin. $ sudo ln -s /snap/bin/certbot /usr/bin/certbot 2. Install Certificate Run certbot to install the certificate. Full examples are below, here are descriptions of the command line options: --apache: Use the Apache web server --nginx: Use the nginx web server --redirect: Redirect all HTTP requests to HTTPS. -d example.com -d www.example.com: Install a multiple domain (SAN) certificate. You may use up to 100 -d domain entries. -m admin@example.com: The notification email address for this certificate. --agree-tos: Agree to the terms of service. Use certbot --help for more information. See the Certbot FAQ for more information about SAN certificates. Example: Apache Run Certbot for Apache. # certbot --apache --redirect -d example.com -d www.example.com -m admin@example.com --agree-tos Example: Nginx Before running Certbot, make sure server_name is set properly. Edit your Nginx configuration: # nano /etc/nginx/conf.d/default.conf Update server_name to include your domain name. server { server_name example.com www.example.com; Save and exit the file. Run Certbot for Nginx. # certbot --nginx --redirect -d example.com -d www.example.com -m admin@example.com --agree-tos 3. Verify Automatic Renewal Let's Encrypt certificates are valid for 90 days. The Certbot wizard updates the systemd timers and crontab to automatically renew your certificate. Verify the timer is active. # systemctl list-timers | grep 'certbot\|ACTIVATES' Verify the crontab entry exists. # ls -l /etc/cron.d/certbot Verify the renewal process works with a dry run. # certbot renew --dry-run Summary Installing a free Let's Encrypt certificate is simple with Certbot. For more information, see the official Certbot installation documentation.
Was this answer helpful?

Related Articles

Install MongoDB on CentOS .article--sm, .article--sm .alert { font-size: 15px; line-height: 24px;... How to Set Up SSH Keys on Ubuntu 20.04 .Markdown_markdown___3RCz pre.prefixed code ol { list-style: none; margin: 0;... Install Apache Maven on Ubuntu 18.04 .article--sm, .article--sm .alert { font-size: 15px; line-height: 24px;... Setup Red5 Media Server on CentOS 7 Using a Different System?... How to Reset the Root Password on a RCS Cloud Server Introduction If you have lost access to the root account, you can...
Back

Powered by WHMCompleteSolution

  Support

  My Support Tickets   Announcements   Knowledgebase   Downloads   Network Status   Open Ticket