How to Use Let’s Encrypt for Free SSL Certificates
Securing your website with HTTPS is essential for trust, SEO, and protecting user data. Let’s Encrypt makes it easy to get free SSL certificates for any domain. In this guide, you’ll learn how to install, configure, and auto-renew SSL with Let’s Encrypt on a Linux server.
What is Let’s Encrypt?
Let’s Encrypt is a free, automated, and open certificate authority. It provides SSL certificates that are trusted by all major browsers. Certificates are valid for 90 days and can be renewed automatically.
Step 1: Install Certbot
sudo apt update
sudo apt install certbot python3-certbot-nginx
For Apache, use python3-certbot-apache instead.
Step 2: Obtain and Install Your Certificate
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com
Certbot will ask for your email and agree to the terms. It will then automatically update your Nginx config and reload the server.
Step 3: Test Automatic Renewal
sudo certbot renew --dry-run
Certbot sets up a cron job or systemd timer to renew certificates automatically. You can check renewal logs at /var/log/letsencrypt/.
Step 4: Verify HTTPS
- Visit https://yourdomain.com and check for the padlock icon.
- Use SSL Labs to scan your site for SSL issues.
Troubleshooting Tips
- Ports 80 and 443 must be open and reachable from the internet.
- Your domain’s DNS must point to your server’s IP.
- For firewalls, allow HTTP and HTTPS traffic.
Bonus: Using Let’s Encrypt with Other Web Servers
Let’s Encrypt works with Caddy, Apache, and even Dockerized web servers. See their documentation for integration steps.
Conclusion
With Let’s Encrypt and Certbot, securing your website with HTTPS is free, easy, and automatic. Don’t risk your users’ trust—enable SSL today!
Need help setting up SSL? Contact me for a custom solution!