Let's Encrypt SSL Certificates: How to Install and Set Up Free Automated Encryption
Let's Encrypt provides free and automated encryption for your websites. In this article, we will guide you through the process of installing a Let's Encrypt SSL certificate on your server without using a control panel, utilizing the Certbot tool.
Prerequisites
Before you start the installation, make sure you have:
-
A server with Debian or Ubuntu operating system installed:
- SSH access with superuser (root) privileges or a user with sudo rights.
-
Configured DNS records for your domain:
- An A record pointing to your server.
Step 1: Install Certbot
Certbot is the official client for obtaining certificates from Let's Encrypt. We will install it on your server.
-
Update the package list and install Certbot:
shsudo apt update && sudo apt install certbot -y -
Install the appropriate Certbot package for your web server:
-
For Nginx:
shsudo apt install python3-certbot-nginx -y -
For Apache:
shsudo apt install python3-certbot-apache -y
-
Step 2: Obtain and Install the Certificate
Now that Certbot is installed, you can obtain and install the SSL certificate.
-
For Nginx:
Run Certbot for Nginx:
shsudo certbot --nginxFollow the on-screen instructions:
- Enter your email address.
- Agree to the terms of service.
- Specify the domains for which you want to obtain the certificate (e.g., example.com and www.example.com).
Certbot will automatically modify your Nginx configuration and restart the server to apply the new certificate.
-
For Apache:
Run Certbot for Apache:
shsudo certbot --apacheFollow the on-screen instructions:
- Enter your email address.
- Agree to the terms of service.
- Specify the domains for which you want to obtain the certificate.
Certbot will automatically modify your Apache configuration and restart the server to apply the new certificate.
Step 3: Set Up Automatic Certificate Renewal
Let's Encrypt certificates are valid for 90 days, so it's important to set up automatic renewal.
-
Create a cron job for automatic renewal:
shsudo crontab -e -
Add the following line to automatically renew certificates every 12 hours:
sh0 */12 * * * /usr/bin/certbot renew --quiet
Verify Installation
After completing the installation and setting up automatic renewal, ensure that the SSL certificate is working correctly. Open your website in a browser and check for the security icon (lock) in the address bar.
Installing Let's Encrypt SSL certificates with Certbot is a straightforward and effective way to secure your website without using a control panel. By following these steps, you can quickly set up and automate the certificate renewal process, ensuring reliable data encryption for your users.
If you have any questions or run into issues during the installation process, the QCKL support team is always here to help. We are committed to providing you with the best tools and solutions for your successful business.
