Let’s Encrypt is a Certificate Authority (CA) that provides an accessible way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers.
-
Uninstall Certbot
The exact command to do this depends on your OS, but common examples are sudo apt-get remove certbot, sudo dnf remove certbot, or sudo yum remove certbot.
sudo apt-get remove certbot
-
Install snapd
sudo apt install snapd
Ubuntu comes with support for snaps out of the box, so you can start by making sure your snapd core is up to date:
sudo snap install core
sudo snap refresh core
-
Install Certbot
sudo snap install --classic certbot
-
Prepare the Certbot command:
Execute the following instruction on the command line on the machine to ensure that the certbot command can be run.
sudo ln -s /snap/bin/certbot /usr/bin/certbot
-
Obtaining an SSL Certificate
Certbot provides a variety of ways to obtain SSL certificates through plugins.
Choose how you'd like to run Certbot:
a) providing domain name in command line
sudo certbot --nginx -d example.com
b) install your certificates within nginx config files
sudo certbot --nginx
c) just get a certificate for nginx
sudo certbot certonly --nginx
-
Test automatic renewal
The command to renew certbot is installed in one of the following locations:
- /etc/crontab/
- /etc/cron./
- systemctl list-timers
sudo certbot renew --dry-run
-
Confirm that Certbot worked
To confirm that your site is set up properly, visit https://yourwebsite.com/ in your browser and look for the lock icon in the URL bar.
If you see no errors, you’re all set. When necessary, Certbot will renew your certificates and reload Nginx to pick up the changes.