Secure Apache with Let’s Encrypt SSL Secure Nginx with Let’s Encrypt SSL
Step 1 – Prerequisites
Before starting work on this task, I assume you already have:
Running Ubuntu system with sudo privileges shell access. A domain name registered and pointed to your server’s public IP address. For this tutorial, we use example.com and www.example.com, which is pointed to our server. Runningweb server with VirtualHost configured for example.com and www.example.com on Port 80.
Step 2 – Install Let’s Encrypt Client
Download the certbot-auto Let’s Encrypt client and save under /usr/sbin directory. Use the following command to do this.
Step 3 – Get a SSL Certificate
Let’s Encrypt do a strong Domain Validation automatically with multiple challenges to verify the ownership of the domain. Once the Certificate Authority (CA) verified the authenticity of your domain, SSL certificate will be issued. Above command will prompt for an email address, which is used for sending email alerts related to SSL renewal and expiration. Also, asks a few more questions. After completion, it will issue an SSL certificate and will also create a new VirtualHost configuration file on your system.
Step 4 – Check SSL Certificate
If everything goes fine. A new ssl will be issued at below location. Navigate to below directory and view files. Files List:
Setp 5 – Configure SSL VirtualHost
Use the following configurations for Apache and Nginx web server. Edit virtual host configuration file and add below entries for the certificate.
Nginx:
Apache:SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem Step 6 – Configure SSL Auto Renew
In the end, configure the following job on your server crontab to auto-renew SSL certificate if required. You may like:
Apache – Redirect to HTTPS Nginx – Redirect to HTTPS
