Let's Encrypt is a free service for SSL/TLS service. I'm going to show you, how to use certbot on a linux system. I will also explain how to configure it  for Apache httpd and nginx.

How do I use Certbot?

To configure a certificate, make sure Certbot is installed by run this command:

certbot --version

If a version is displayed, you can continue. Otherwise, you have to follow the install-instruction on https://certbot.eff.org/.

Apache httpd Setup

The following command will guide you through the setup process:

certbot --apache -d YOURDOMAIN.COM

A log will be saved during the process. Your certificate can now be used.

Nginx Setup

The following command will guide you through the setup process:

certbot --nginx -d YOURDOMAIN.COM

A log will be saved during the process. Your certificate can now be used.

Additional steps?

Your certificates will be saved in /etc/letsencrypt/live. Your configuration file of your webserver was automatically modified during the previous command. The server will now use the certificates to serve https requests. If you have any existing redirecting routes, you can now change http to https.

Your certificates will expire in the future and need to be renewed. You can set up a cron job to check at least every day, if there are any renewals due.

First, you should check if a renewal will be run successfully. This can be done by executing the following command:

certbot renew --dry-run

If the log does not show any error, you are good to go. You can now create a cron job for this.

crontab -e

There you can add 0 1,13 * * * certbot renew >/dev/null

With this set, your certificates will be checked twice a day. If a renewal is due, the cron job will process it.


Please comment below, if you have any questions.

Credits: