How to Install Let’s Encrypt SSL on Ubuntu 20.04

To make the web more secure, you need SSL on every website. SSL stands for Secure Socket Layer, the technology behind SSL certificates is to secure the communication between clients and servers. Moreover, Google started to use HTTPS as a ranking signal. In this article, I will share step by step guide to install Let’s Encrypt SSL on Ubuntu 20.04 with auto-renewal.

Install Let’s Encrypt SSL on Ubuntu 20.04 with Auto-Renewal

Server Requirements

• Ubuntu 20.04 server setup with a non-root user with firewall.

• A registered domain name.

• DNS mapped with the domain.

• Apache has to be installed, follow the article How to install LAMP on Ubuntu 20.04

Step-by-Step Guide

Follow the step-by-step guide to install SSL on Ubuntu.

Step 1: Install Let’s Encrypt client – Certbot

Before installing SSL, let’s update all the Ubuntu packages with Certbot download.

sudo apt update && sudo apt install certbot python3-certbot-apache

Step 2: SSL certificate generate and install

Now generate SSL for the domain. Let's take an example domain - (example.com). Run the following command.

sudo certbot --apache -d example.com -d www.example.com

The above command will run certbot with the –apache plugin, using -d to specify the names you’d like the certificate to be valid for.

Configure certbot with https settings.

Output
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
-------------------------------------------------------------------------------
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
-------------------------------------------------------------------------------
Select the appropriate number [1-2] then [enter] (press 'c' to cancel):

Step 3: Check Let’s Encrypt Certificate Renewal

Certbot will renew the certificate. Let’s Encrypt SSL certificate is generated only for 3 months, so you have to renew the certificate every 3 months. To automate the renewal process we have to run the following command.

sudo certbot renew --dry-run

Awesome, you have successfully installed Let's Encrypt SSL certificate with auto-renewal.