Published November 16, 2018 by

Install Let's Encrypt SSL with Apache on Ubuntu


In this tutorial, we are learning, with step-by-step instructions on how to install Let’s Encrypt SSL certificate with Apache on Ubuntu. Let’s Encrypt is an open SSL Certificate Authority (CA) that offers free domain-validated (DV) certificates for your websites. SSL Certificates are used to establish a secure encrypted connection between a web server and a user’s web browser. The SSL certificates that have been issued by Let’s Encrypt are valid for 90 days and are trusted by most web browsers today.

Step 1 — Install the Let's Encrypt Client
 $ sudo add-apt-repository ppa:certbot/certbot  
 $ sudo apt-get update  
 $ sudo apt-get install python-certbot-apache  

Step 2: Set Up the SSL Certificate

Install Let’s Encrypt SSL certificate on your domain (change ‘yourdomain.com’ with your actual domain):
 $ sudo certbot --apache -d example.com --preferred-challenges http  

If you want to install a single certificate that is valid for multiple domains or subdomains, you can pass them as additional parameters to the command. The first domain name in the list of parameters will be the base domain used by Let’s Encrypt to create the certificate, and for that reason we recommend that you pass the bare top-level domain name as first in the list, followed by any additional subdomains or aliases
 $ sudo certbot --apache -d example.com -d www.example.com --preferred-challenges http  

Step 3: Auto-Renew the SSL certificate with a cronjob

Create a cronjob so the SSL certificate is renewed automatically. Run:
 $ crontab -e  

and add the following line.
 0 0 1 * * /usr/bin/letsencrypt renew >> /var/log/letsencrypt-renew.log  

Save and close that file and restart cron service for the changes to take effect.
 $ service cron restart  

Open https://yourdomain.com in a web browser, and check whether Let’s Encrypt SSL is installed properly.