SSL using LetsEncrypt

Letsencrypt is what we use to generate our SSL certificates (allows for HTTPS usage). Below are instructions using certbot to generate your certificates.

Generating Certificates

Each domain has a line as -d domain.com within the command. You can add more domains by simply adding a listing in that format and executing the command all at once.

Running this command will get a certificate for you and have Certbot edit your Apache (specified with the option “–apache”) configuration automatically to serve it. The option “–redirect” will set the domain to redirect HTTP to HTTPS.

To generate certificates, execute the commands below:

Centos: 8

sudo /usr/local/bin/certbot-auto --apache --redirect -d domain.tld

Centos:

cd /usr/local/letsencrypt && ./letsencrypt-auto --apache --redirect -d example.com -d www.example.com

Ubuntu:

sudo certbot --apache --redirect -d example.com -d www.example.com

Auto Renewal

The packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let’s Encrypt certificates last for 90 days, it’s highly advisable to take advantage of this feature. Run the command below to execute this (add the option “–dry-run” to test first):

Centos

cd /usr/local/letsencrypt && ./letsencrypt-auto renew

Ubuntu

sudo certbot renew

Deleting Certificates

If you need to delete a certificate, the best way is to use the command below (a manual deletion will not remove the link to that certificate as it is recorded in LetsEncrypt):

Centos

cd /usr/local/letsencrypt && ./certbot-auto delete --cert-name example.com

Ubuntu

sudo certbot delete --cert-name example.com

By Sharon

Hello there! I'm a web developer in Louisville, Kentucky. I started on this career path by purchasing an O’Reilly PHP book from Barnes & Noble in 1999. Since then, my desire to learn as much as I can about web site building and server maintenance has grown. I love technology and what it can do to simplify our lives and make it more interesting all at the same time. Seeing a creative design come to life and bringing it into the web world is my favorite puzzle to solve. My server experience is based around launching WordPress-friendly servers — Linux (Ubuntu and Centos flavors), Apache, MySQL, and PHP. I have worked with various modules, extensions, installs such as ImageMagick, LetsEncrypt, Sass, LESS, and the Homebrew family of extension. My main love has been with PHP, and my CMS of choice has been WordPress since its inception in 2003. I find it flexible, secure, easy to design around, and so customizable. My strengths are in developing from-scratch plugins and themes for the WordPress CMS with a strong background in PHP and MySQL development.

Leave a comment

Your email address will not be published. Required fields are marked *