Let’s Encrypt is an open SSL Certificate Authority (CA) that offers free domain-validated (DV) certificates for your websites. SSL Certificates are used to establish a secure encrypted connection between a web server and a user’s web browser. The SSL certificates that have been issued by Let’s Encrypt are valid for 90 days and are trusted by most web browsers today.
apt-get update apt-get install software-properties-common python-software-properties add-apt-repository ppa:certbot/certbot apt-get install python-certbot-apache
To test if the installation was successful, use the following command,
Let’s Encrypt validates the domain it is installed on, The client generates a new key pair when interacting with the Let’s Encrypt servers for the first time, and then aims to prove that the host has control over a particular domain.
certbot --apache -d yourdomain.com
Here, replace yourdomain.com with your domain name/domain you wish to generate the SSL certificate for.
The certificate expiration date is 90 days from the day of install.
Once the renewal is complete, reload your web service to update the configuration with the next command.
service apache2 restart
Certbot will automatically run twice a day and renew any certificate that is within thirty days of expiration. To test that this renewal process is working correctly, you can run:
0 0 1 * * /usr/bin/letsencrypt renew >> /var/log/letsencrypt-renew.log service cron restart