Install Let’s Encrypt to Create Free SSL Certificates

Home  ›  Uncategorized  ›  Install Let’s Encrypt to Create Free SSL Certificates
Install Let’s Encrypt to Create Free SSL Certificates
June 26, 2018 3 Comments Uncategorized Jiby Mathew

Let’s Encrypt is an SSL certificate authority managed by the
Internet Security Research Group (ISRG).
It utilizes the Automated Certificate Management Environment (ACME) to automatically
deploy free SSL certificates that are trusted by nearly all major browsers.

Note

  1. The process of validating a certificate domain is automated.
  2. A certificate issued by Let’s Encrypt is valid for just a couple of weeks and must be renewed frequently.

We’ll use domain validation based on HTTP ACME challenge, which works by “provisioning an HTTP resource under a well-known URL”.

Initial Setup

To begin with, you need to install CertBot, the official Let’s Encrypt client, which is a command line utility we’ll use below to receive a ssl certificate for your domain while we assume you have root access.
Using Debian 9:

$ sudo apt-get install certbot

You can follow one of the official tutorials on how to obtain a certificate from Let’s Encrypt but here’s how we recommend doing it:

sudo certbot certonly --standalone
\
-d proxy.example.com
\
-n
\
--agree-tos
\
[email protected]

By default, this command will create /etc/letsencrypt/ directory and populate it with the certificate and key file.

$ ls -lh /etc/letsencrypt/live/proxy.example.com

Make sure that you list the path in the software’s you wishes to use the SSL.

Certificate Renewals

A certificate issued by Let’s Encrypt is valid only for a few weeks,
which means it must be renewed periodically. You can run this command (see letsencrypt rate limit guidelines) as root:

$ certbot certonly --standalone -d proxy.example.com -n --force-renewal

This forces the renewal of the certificate. Another option is to run it more frequently but you will have to drop --force-renewal flag.
CertBot is smart enough not to touch a certificate if it’s still valid.

Result

In conclusion, you installed the Let’s Encrypt client certbot, creates SSL certificates for your domain,  and set up automatic certificate renewal. If you have further questions about using Certbot, their documentation is a good place to start.

Tags
About The Author
Jiby Mathew
Posts You might like
Saving iptables rules in Linux June 29, 2018
SSL redirect from HTTP to HTTPS June 27, 2018
Hosting and Cloud Computing – The Growth Potential in India March 26, 2018
Leave Comment
  1. 1

    SSL redirect from HTTP to HTTPS | Chociz Services

    […] this guide we show how to setup ssl redirection for your website. If you need a free SSL, follow this […]

    Reply
  2. 1

    ****** *****

    It’s impressive that you are getting thoughts from this article as well as from our dialogue made at this place.

    Reply
  3. 1

    hgf

    Wow! This blog looks exactly like my old one! It’s on a completely different topic
    but it has pretty much the same page layout and design. Excellent choice of colors!

    Reply

Leave a reply

Your email address will not be published. Required fields are marked *