So you have a lovely new website running on your Ubuntu server, but wouldn’t it be nice to have that small padlock to give visitors peace of mind? To have all traffic between your website and the browser encrypted…..but you don’t want to spend days waiting, and a small fortune on an SSL Certificate, then wait for the certification authority to email you, with lengthy confirmations etc. Thankfully, there is a lovely easy way!
All you need to do is to ensure that the domain name (the only part you need to change in the script below, indicated in bold) has a DNS entry pointing to the IP address of the server you are running this on, and hey presto, a free SSL Certificate that automatically renews using a cron task that it adds automatically for you! No more renewals ever again!
NB. When running this, there will be a 10-15 second interruption in the Apache2 web-server as it stops and re-starts, meaning live site visitors at that moment may see an error.
/* Lets Encrypt */
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-apache
sudo certbot --authenticator standalone --installer apache -d www.yourdomainnamehere.com --pre-hook "systemctl stop apache2" --post-hook "systemctl start apache2"
Follow the on-screen prompts (usually only 2 or 3, and it works seamlessly)!