`ubuntu let's encrypt

Let’s Encrypt is a free, automated and open source SSL programme. Let’s Encrypt managed by the Internet Security Research Group (ISRG). After that lunch, It now powers millions of website.

To enable free HTTPS connection on your Linux hosted website, you need to install let’s encrypt. Let’s Encrypt is a Certificate Authority (CA) which will help you to get free SSL certificates needed for your server. With the help of this, the server can run securely.

Let’s Encrypt SSL allows you to encrypt the transaction your site free of charge. Let’s Encrypt makes it extremely easy to install the certificates on Ubuntu 14.04 and Ubuntu 16.04.

In this article, I will show you how to install and configure Let’s Encrypt SSL Certificate on Ubuntu 14.04 and Ubuntu 16.04. Before beginning installation, you need to know about SSL.

What is SSL and How it works?

Secure Sockets Layer (SSL) is a standard security technology for establishing an encrypted link between a server and a client—typically a web server (website) and a browser. When installed on a web server, it activates the padlock and the https protocol and allows secure connections from a web server to a browser. SSL is the backbone of our secure Internet and it protects your sensitive information as it travels across the world’s computer networks.

SSL certificate is very important because the information you send on the Internet is passed from computer to computer to get to the destination server. Any computer in between you and the server can see your credit card numbers, usernames and passwords, and other sensitive information if it is not encrypted with an SSL certificate. When an SSL certificate is used, the information becomes unreadable to everyone except for the server you are sending the information to. This protects it from hackers and identity thieves.

 

Let’s Encrypt SSL Installation on Ubuntu Server

In this tutorial, we will learn the entire process of installing the Let’s Encrypt SSL certificate on Ubuntu 14.04 and Ubuntu 16.04 and set up them on Apache web server and how to renew the certificate automatically. Let’s Start

 

Ubuntu 14.04 Let’s Encrypt SSL Installation:

Download the certbot-auto Let’s Encrypt client from the EFF download site to the /usr/local/sbin directory

#sudo cd /usr/local/sbin
#sudo wget https://dl.eff.org/certbot-auto

Set the required permission to the script.

#sudo chmod a+x /usr/local/sbin/certbot-auto

For generating SSL certificate make sure you have installed apache on your server. If you don’t have it then you need to install apache by typing following commands:

#sudo apt-get install apache2
#sudo service apache2 restart

Now, we will generate the SSL certificate for apache with the help of certbot-auto.

Now here you can generate SSL certificate for your domain name by typing following commands (Replace your domain name with example.com) :

#sudo certbot-auto --apache -d example.com

We can use let’s encrypt certificate for multiple domains and subdomains. The “first domain” name will be base domain and “second domain” will be bare top-level domain name as first in the list.

#sudo certbot-auto --apache -d example.com -d www.example.com

After entering this command you have to agree to the license and provide an email address for lost key recovery and notices. After that, you have to select one option between http and https.

You can choose https. Hyper Text Transfer Protocol Secure (HTTPS) it’s a secure version of HTTP. With the help of this protocol, the data will transfer securely between server and client computer. Once your installation finished, congratulation message will get displayed on your console.

Now view the file /etc/letsencrypt/live to find your Generated certificate.

#sudo ls /etc/letsencrypt/live

Now you need to test your SSL certificate to visit the following link;

https://www.ssllabs.com/ssltest/analyze.html?d=example.com

Let’s Encrypt certificates expire after 90 days. So we should renew it after sometimes. And certificates should be renewed every 60 days. Now run auto renew command.

#sudo certbot-auto renew

Now create a cronjob for auto-renew let’s encrypt SSL certificate every week.

#sudo vim crontab -e

After this command one blank file will be open, you have to enter the following details to it and save:

**crontab**

**15 5 * * 5 /usr/bin/certbot-auto renew >> /var/log/le-renew.log**

Save and exit.

8 COMMENTS

  1. I was suggested this website by way of my cousin. I’m no longer positive whether this publish is written by
    means of him as nobody else understand such particular about
    my difficulty. You’re amazing! Thank you!

  2. Fantastic items from you, man. I have be mindful your stuff prior to and you
    are simply too excellent. I actually like what you have obtained here, really like what you are saying and the way in which you assert it.

    You’re making it entertaining and you still take care of to
    keep it smart. I can not wait to read far more from you.
    That is actually a terrific web site.

  3. I think that is among the most important information for me.
    And i am glad reading your article. But want to statement on few
    common things, The website style is wonderful, the articles is truly nice :
    D. Just right activity, cheers

  4. You are so cool! I don’t suppose I’ve read something like that before.
    So great to discover another person with a few original thoughts on this issue.
    Really.. thank you for starting this up. This web site is one thing that is required on the internet, someone with a bit of originality!

  5. Aw, this was a really nice post. Finding the time and actual effort to make a very good
    article… but what can I say… I hesitate a whole
    lot and never manage to get nearly anything done.

  6. Hi there! I know this is somewhat off topic but
    I was wondering which blog platform are you using for this website?
    I’m getting fed up of WordPress because I’ve had problems with hackers and I’m looking at options for another platform.

    I would be awesome if you could point me in the direction of a good platform.

    • I think WordPress is better than all other CMS. You can install Wordfence Security plugin to protecting your website from the hacker. if you need any help to secure your website, let me know. I will help you.

LEAVE A REPLY

Please enter your comment!
Please enter your name here