Install Let’s Encrypt (Cerbot) on Ubuntu 20.04
Unlike in RHEL-based distributions where Certbot is not available in the official repositories, it is in Ubuntu. That’s why the installation and configuration are quite quick to do.
Before you start, you need to have a valid domain to create the certificate. If this does not exist then you will not be able to complete it.
Also, the process is automatic for Apache and Nginx, but in this post, we will demonstrate it with Apache.
So, I will connect via SSH to your server and update Ubuntu.
sudo apt update
sudo apt upgrade
After that, you have to install the certbot package from the official repositories. In addition to this, you have to install the Apache or Nginx plugin. As in this case, we are using Apache, the package to install is python3-certbot-apache.
sudo apt install certbot python3-certbot-apache
As they are lightweight packages, the installation should not take too long.
Now we need to get a new certificate for our website.
Get a new certificate using Let’s Encrypt (Certbot) on Ubuntu
With Cerbot installed on the system, we can now obtain the certificates. To do this, you first need to have a correctly made VirtualHost with the ServerName value set to your domain.
Then, you can run this command and get the certificate in question:
sudo certbot --apache -d your-domain
Another option is to add the -d option several times to get multiple certificates for multiple domains.
Then you can use the -d option to specify the domain you want to get the certificate for. Also, you can run certbot without the need to specify the domain.
sudo certbot --apache
In this case, the terminal will show you some screens where you will have to accept the conditions, enter the domain as well as a valid email address that will be used to inform you when there is an error when renewing the certificate.
In the end, to apply the changes, you have to restart Apache.
sudo systemctl restart apache2
Renew certificate with Certbot
The certificates provided by Let’s Encrypt are valid for 90 days. So you have to renew them periodically. One of the ways to do this is to execute the following command
sudo certbot renew
We can also do a simulation of the command, by adding --dry-run to it.
sudo certbot renew --dry-run
If all goes well, you will have the option to renew it manually.
In Ubuntu a task is included in the cron where this process is done automatically, you can check it as follows:
sudo systemctl status certbot.timer
So, with this, you can now enable HTTPS for accessing your website.
Conclusion
Enabling HTTPS connections should become one of your priorities to make your website more visited and to protect the transmitted data. Especially if they are dynamic websites.
Now thanks to this post, you know how to do it with Certbot on Ubuntu 20.04. But you can also do it on CentOS 8.