How to Install and Use Certbot for Free SSL Certificates on Ubuntu

Introduction:

Securing your website with SSL/TLS encryption is crucial to protect data and ensure trust with your users. Certbot, a free tool provided by the Electronic Frontier Foundation (EFF), automates the process of obtaining and renewing SSL certificates from Let’s Encrypt. In this post, we’ll guide you through the steps to install Certbot on an Ubuntu server and how to use it to secure your website with HTTPS.

What is Certbot?

Certbot is a user-friendly, open-source software tool that automates the process of deploying SSL certificates to your web server. It simplifies obtaining, renewing, and managing SSL certificates from Let’s Encrypt.

Prerequisites:

Before starting, ensure the following:

You have an Ubuntu server (18.04, 20.04, or later).
You have a registered domain name, and your domain is correctly pointed to your server's IP address.
You have Nginx or Apache installed and running.

Step 1: Install Certbot

First, we need to install Certbot and the necessary plugin for your web server (Nginx or Apache). Follow the steps below to install Certbot on Ubuntu.

For Nginx:

Update the package list:

sudo apt update

Install Certbot and the Nginx plugin:

sudo apt install certbot python3-certbot-nginx

For Apache:

Update the package list:

sudo apt update

Install Certbot and the Apache plugin:

sudo apt install certbot python3-certbot-apache

Step 2: Obtaining an SSL Certificate

After installing Certbot, the next step is to obtain an SSL certificate for your domain.

For Nginx:

Run Certbot for Nginx:

sudo certbot --nginx

Follow the prompts: Certbot will automatically detect your domain(s) from your Nginx configuration and guide you through the process. You'll be asked to:

Confirm the domains for which you'd like to enable HTTPS.
Choose whether to redirect HTTP traffic to HTTPS (highly recommended).

For Apache:

Run Certbot for Apache:

sudo certbot --apache

Follow the prompts: Similar to the Nginx process, Certbot will detect your Apache virtual hosts and guide you through the installation. Again, you can choose to automatically redirect HTTP to HTTPS.

Step 3: Verifying HTTPS is Working

Once Certbot has successfully obtained the certificate, your website should now be accessible over HTTPS. You can check this by visiting your website using https://yourdomain.com.

Step 4: Automatic Certificate Renewal

Certbot automatically configures your server to renew SSL certificates before they expire. However, you can manually test the renewal process by running:

sudo certbot renew --dry-run

This command simulates the renewal process to ensure everything is set up correctly.

Example Commands:

Check Certbot version:

certbot --version

Manual renewal of all certificates:

sudo certbot renew

View current certificates:

sudo certbot certificates

Step 5: Manually Renewing and Managing SSL Certificates

If your certificates need to be renewed manually for any reason, Certbot makes this easy:

Renew your certificate manually:

sudo certbot renew

Revoke a certificate (if needed):

sudo certbot revoke --cert-name yourdomain.com

Securing Your Site with HTTPS (Optional Redirect)

After obtaining your SSL certificate, it's important to ensure that all traffic is redirected to HTTPS. Certbot provides an option to automatically configure this for you, but you can also manually add this configuration to your Nginx or Apache settings.

For Nginx:

Edit your Nginx configuration file:

sudo nano /etc/nginx/sites-available/default

Add the following line inside your server block:

server {
    listen 80;
    server_name yourdomain.com www.yourdomain.com;
    return 301 https://$server_name$request_uri;
}

Then restart Nginx:

sudo systemctl restart nginx

For Apache:

Edit your Apache configuration file:

sudo nano /etc/apache2/sites-available/000-default.conf

Add the following line to redirect HTTP to HTTPS:

<VirtualHost *:80>
    ServerName yourdomain.com
    Redirect "/" "https://yourdomain.com/"
</VirtualHost>

Then restart Apache:

sudo systemctl restart apache2

Conclusion:

With Certbot, securing your website with SSL has never been easier. Whether you use Nginx or Apache, Certbot simplifies the process of obtaining, installing, and renewing SSL certificates, ensuring your website is always protected. Now that you’ve successfully set up HTTPS, your site visitors can trust that their data is securely encrypted.

How to Install and Use Certbot for Free SSL Certificates on Ubuntu

Introduction:

What is Certbot?

Prerequisites:

Step 1: Install Certbot

Step 2: Obtaining an SSL Certificate

Step 3: Verifying HTTPS is Working

Step 4: Automatic Certificate Renewal

Step 5: Manually Renewing and Managing SSL Certificates

Securing Your Site with HTTPS (Optional Redirect)

Conclusion:

Understanding the nohup Command: Running Processes in the Background on Linux

How to Renew SSL Certificates with Certbot: A Quick Guide

Join to our community 👋

Introduction:

What is Certbot?

Prerequisites:

Step 1: Install Certbot

Step 2: Obtaining an SSL Certificate

Step 3: Verifying HTTPS is Working

Step 4: Automatic Certificate Renewal

Step 5: Manually Renewing and Managing SSL Certificates

Securing Your Site with HTTPS (Optional Redirect)

Conclusion:

Share Article:

Understanding the nohup Command: Running Processes in the Background on Linux

How to Renew SSL Certificates with Certbot: A Quick Guide

More in this Category Ubuntu

How to Renew SSL Certificates with Certbot: A Quick Guide

How to Install and Use Certbot for Free SSL Certificates on Ubuntu

How to Add Password Protection to Nginx: A Step-by-Step Guide

How to Create Aliases in Ubuntu: Simplify Your Command Line Workflow

Join to our community 👋