Prerequisites
To complete this guide, you will need:
Both of the following DNS records set up for your server. You can follow this hostname tutorialarrow-up-right for details on how to add them.
An A record with example.com pointing to your server’s public IP address.
An A record with www.example.com pointing to your server’s public IP address.
1. Installing Certbot
Copy sudo apt-get update
# For Nginx
sudo apt-get install python3-certbot-nginx
# For Apache
sudo apt-get install python3-certbot-apache 2. Set Up the SSL Certificate on Nginx
Copy vi /etc/nginx/sites-available/default Find the existing server_name line and replace the underscore, _, with your domain name:
Obtaining an SSL Certificate on Nginx
3. Set Up the SSL Certificate on Apache
Find the existing ServerName line. It should look like this:
Obtaining an SSL Certificate on Apache
4. Verifying Certbot Auto-Renewal
Let’s Encrypt certificates only last for 90 days.
To test the renewal process, you can do a dry run with certbot:
Copy
If you want to run certbot renew with daily schedule,
5. Generating The Wildcard SSL Certificate
IMPORTANT NOTES:
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/test/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/test/privkey.pem
Your cert will expire on 2021-09-06. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew all of your certificates, run
"certbot renew"
Reference
https://certbot.eff.org/docs/arrow-up-right
https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04arrow-up-right
https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04arrow-up-right
