InterspaceKnowledgebaseTech ArticlesTutorialsSetup Free and Automated SSL with Let's Encrypt and Apache on Linux
Setup Free and Automated SSL with Let's Encrypt and Apache on Linux
Today, implementing SSL/TLS encryption is essential for securing user data and enhancing trust in your website. This guide focuses on setting up free SSL certificates from Let's Encrypt on Linux systems, using Apache as the web server.

The process leverages Certbot, an automated tool that simplifies the acquisition and renewal of certificates, making it easier to maintain a secure online presence. This guide assumes that Apache HTTP Server is installed and running on your machine.

1.Installing Certbot

1.1.On Debian-Based Systems

To install Certbot and its Apache plugin on Debian-based systems like Ubuntu, execute the following commands:
sudo apt install certbot python3-certbot-apache

This setup prepares your system for SSL certificate management.

1.2.On Red Hat-Based Systems

Start by enabling the EPEL repository to access Certbot packages:
sudo yum install epel-release

Then, proceed to install Certbot and the Apache plugin:
sudo yum install certbot python3-certbot-apache

This process readies your Red Hat-based system for SSL certificate management.

2.Acquiring SSL Certificates with Certbot

With Certbot installed, the next step is to use it to obtain SSL certificates from Let's Encrypt. This procedure includes Certbot making modifications to your Apache configuration to secure your website's connections.

2.1.Configuring Apache and Obtaining Certificates

To secure your site with an SSL certificate, run:
sudo certbot --apache

This command initiates an interactive session that guides you through the certificate acquisition process. Certbot will automatically update your site's Apache configuration file to use the newly obtained certificate, ensuring secure connections.

During this process, Certbot saves the SSL certificate files to a standard location on your system. On Debian-based and Red Hat-based systems, these files are typically located in the /etc/letsencrypt/live/ directory. This directory will contain the certificate file (cert.pem), the private key (privkey.pem), and other related files necessary for SSL configuration.

3.Automated Renewals

Let's Encrypt certificates are valid for 90 days, requiring renewal to maintain website security. Certbot automatically configures your system for these renewals. To verify the setup, perform a dry run with:
sudo certbot renew --dry-run

A successful test ensures that your system is configured to automatically renew certificates, keeping your site secure without needing manual intervention.
The content of this document is licensed by Interspace under the MIT License

Related content
My Interspace
Tech Articles
Latest news
Latest events
Related products
Internet Access
Highest-grade Internet access for professional needs. Superior point-to-point fiber-optic link, symmetrical down/up speed, unlimited traffic, SLA 99.9% and static IP. Direct connections to the top tier 1 global providers.

Our network architecture is passionately designed to ensure the highest quality connections to any destination worldwide, boasting unmatched transfer speeds and multi-tier redundancy.

Dedicated Servers
Dedicated servers on high-grade hardware from well-known sever vendors. They are hosted in our own data centers, enabling us full control in safe-guarding the uptime 24/7. Selection of primary data centers and a disaster recovery one located at a safe distance.

Power control options (reset, power off/on) and free of charge KVM-over-IP available 24/7 on a single click, including support to remotely boot/install your own ISO images.
Elastic Cloud VPS
Elastic Cloud VPS is a virtual machine powered by advanced cloud and networking technologies, offering significant advantages over traditional VPS hosting at an unbeatable price to performance ratio.

Deploy OS and apps in just 1 min. Dynamically add or remove features. One click automatic backups, snapshots and disaster recovery replica, stored in a remote data center at a safe distance. New gen of AMD EPYC CPUs, ultra fast NVMe disks, dedicated connections and free private net.

Our website uses cookies. By continuing to use our website, you consent to the use of cookies and you agree with our Terms and conditions.    I understand