(Linode: Install Let’s Encrypt to Create SSL Certificates)
[Update 2018 03 06: You might want to look at Certbot]
Before You Begin
- Check for updates
sudo apt-get update && sudo apt-get upgrade
- Check if git is installed
which git
If not install git
sudo apt-get install git
Password
y
- Open a port for Let’s Encrypt
sudo ufw allow 443
[Update 2018 03 06: (you might need to allow port 80 as well for some reason)]
Install Let’s Encrypt
- Download and install Let’s Encrypt
sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
- Navigate to the new
/opt/letsencrypt
directory:
cd /opt/letsencrypt
Create an SSL Certificate
- Run Let’s Encrypt including each domain to be covered with a
-d
sudo -H ./letsencrypt-auto certonly --standalone -d example.com -d www.example.com
password
a good email address
- Agree
- Success!
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at/etc/letsencrypt/live/example.com/fullchain.pem. Your cert will expire on 2017-xx-xx. To obtain a new or tweaked version of this certificate in the future, simply run letsencrypt-auto again. To non-interactively renew *all* of your certificates, run "letsencrypt-auto renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt:
https://letsencrypt.org/donate
Donating to EFF:
https://eff.org/donate-le
- Setup auto renewals of certificates
sudo crontab -e
- First run select nano as editor
- Add the line to the bottom of the file to run at 02:30 every Monday, pausing nginx to allow access to port 443 as required.
30 2 * * 1 /opt/letsencrypt/letsencrypt-auto renew --quiet --pre-hook "sudo service nginx stop" --post-hook "sudo service nginx start"
(I HAVEN’T confirmed this is working yet, but it should be)
5 Replies to “Install Let’s Encrypt to Create SSL Certificates on Ubuntu”
Comments are closed.