Steps to Setup Secure Apache with Free Let’s Encrypt SSL Certificate

Nikhil Bhaskar
November 10, 2021

Steps to Setup Secure Apache with Free Let’s Encrypt SSL Certificate on Ubuntu 20.04 LTS

Let’s Encrypt is a provides to obtain and install free TLS/SSL certificates, enabling encrypted HTTPS on web server. Let’s Encrypt is a Certificate Authority (CA). It helps to encrypt the entire web to the extent that HTTPS becomes the norm.

Certbot is a free & open source software. It is easy to use tool that can automate the tasks for obtaining/generating and renewing Let’s Encrypt free SSL certificates and configuring web servers.

There are few steps to Setup Secure Apache with Free Let’s Encrypt SSL Certificate on Ubuntu:

Step 1: Update the System.

apt-get update

Step 2: Install the Apache2.

apt-get install apache2

Start & Enable the Apache2.

systemctl start apache2 systemctl enable apache2

Step 3: Install the Certbot software.It is an easy-to-use client that fetches a certificate from Let’s Encrypt & used to switch an existing HTTP site to HTTPS.

add-apt-repository ppa:certbot/certbot apt install python3-certbot-apache

Step 4: Open the Virtual host file.

vim /etc/apache2/sites-available/domain.conf

Provide the fully qualified Domain name.

... ServerName domain-name; ...

Restart the apache2.

systemctl restart apache2

Step 5: Open the https port number in firewall.

ufw allow 443 or ufw allow 'Apache Full'

Step 6: To Generate SSL Certificate.Run the following command:

cerbot or certbot --apache or certbot --apache -d domain-name -d www.domain-name

-d: to provide the name,the certificate to be valid for.
Here is the command output.
Provide the email address & Press A for Agree to the Let’s Encrypt terms of service .
To share the provided email address with the EFF (Electronic Frontier Foundation) to receive news and other information, type Y otherwise type N.

Select “which name would you like to activate HTTPS for?”, Type Appropriate number. Otherwise Enter.
Type 1 for No Redirect or Type 2 for Redirect.
Type 2 & Press Enter.

Now SSL certificate has been created successfully.

0 */12 * * * root certbot -q renew –apache

Test the configuration.Open the link mentioned on above image.

https://www.ssllabs.com/ssltest/analyze.html?d=domain-name.com

Here is the output.

Now Open the application using the domain-name with https.

Step 7: To Renewal the ssl certificate.

certbot renew --dry-run

Add on crontab file.

vim etc/crontab

Add the following line:

0 */12 * * * root certbot -q renew --apache

Leave a Reply Cancel reply

You must be logged in to post a comment.

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Functional

Performance

Analytics

Others