Installing Let's Encrypt On Your Ubuntu Server
Downloading Let's Encrypt
Log into your server. At the command line, let's update our system before installing any software:
Then install git if it's not already installed.
Download a clone of Let's Encrypt from their GitHub repository. It is standard practice to install third-party packages to /opt, so you should place it there.
git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
Navigate to the /opt/letsencrypt directory that was created.
Creating The SSL Certificate
Run Let's Encrypt for your domain requiring the certificate. Note that we did this for two domains–one with the www prefix and one without.
./letsencrypt-auto certonly --standalone -d example.com -d www.example.com
You will be asked for an email address to regain control of a lost certificate and receive urgent security notices. Agree to the Terms of Service. You may be asked if you wish to share your email address with the Electronic Frontier Foundation (feel free to say “no” if you wish).
If everything worked properly, you should receive a message similar to the following:
- If you lose your account credentials, you can recover them through
e-mails sent to firstname.lastname@example.org.
- Congratulations! Your certificate and chain have been saved at
cert will expire on 2020-03-31. To obtain a new version of the
certificate in the future, simply run Let's Encrypt again.
- Your account credentials have been saved in your Let's Encrypt
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Let's
Encrypt, so making regular backups of this folder is ideal.
- If you like Let's Encrypt, please consider supporting our work by
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
You may want to use Certbot with Let's Encrypt
Certbot (https://certbot.eff.org/) is a free, open source software tool for automatically using Let’s Encrypt certificates. One of the neat things about Certbot is that when you create your certificate using this tool, it automatically creates a cron job for renewing your certificate. How sweet is that! The Certbot tool is made by the EFF.