How to Install and Use Let's Encrypt for Free SSL Certificates on Your VPS

Using SSL certificates is essential for securing data transmission on your website. Let's Encrypt provides free SSL certificates that are easy to install and renew. This guide will help you install Let's Encrypt SSL certificates on your VPS.

Step 1: Connect to Your VPS

To begin, you need to access your VPS. Use an SSH client like PuTTY (for Windows) or Terminal (for macOS/Linux) to connect to your VPS.

  • Open your SSH client.
  • Enter the IP address of your VPS and the SSH port (usually 22).
  • Log in with your root credentials.

Once logged in, you will have full access to your VPS.

Step 2: Update Your VPS

Before installing any software, it’s important to ensure your VPS is up to date.

  • Run the following command to update your system: 
    sudo apt update && sudo apt upgrade -y

This command will update all packages to their latest versions.

Step 3: Install Certbot

Certbot is a tool provided by the Electronic Frontier Foundation (EFF) that automates the process of obtaining and renewing Let's Encrypt SSL certificates.

  • To install Certbot on a Debian/Ubuntu-based VPS, run: 
    sudo apt install certbot python3-certbot-apache -y

This will install Certbot along with the plugin needed for Apache web server integration.

Step 4: Install Apache (if not installed)

If Apache is not already installed on your VPS, you can install it by running:

  • Install Apache:

    sudo apt install apache2 -y

  • Start Apache and ensure it is running:

    sudo systemctl start apache2
sudo systemctl enable apache2

Step 5: Obtain the SSL Certificate Using Certbot

Now, you can obtain your free SSL certificate from Let's Encrypt.

  • To obtain and install the SSL certificate for your domain, run:

    sudo certbot --apache

  • Certbot will prompt you to enter your email address for renewal notifications.

  • You will then be asked to agree to the terms and conditions of Let's Encrypt.

  • After that, Certbot will attempt to automatically configure your Apache server to use the SSL certificate.

Step 6: Verify SSL Installation

Once the SSL certificate has been installed, verify the installation by visiting your domain:

  • Open a browser and go to https://<your-domain>.
  • You should see the green padlock icon indicating that your website is secured with HTTPS.

Step 7: Configure Automatic Renewal

Let’s Encrypt certificates are only valid for 90 days, but Certbot can automatically renew them before they expire.

  • To ensure automatic renewal is set up, Certbot installs a cron job by default. You can check this by running: 
    sudo systemctl list-timers

This command will show all scheduled tasks, and Certbot’s automatic renewal task should be listed.

  • To test automatic renewal, you can run: 
    sudo certbot renew --dry-run

This simulates the renewal process without actually renewing the certificate, allowing you to check if the renewal process will work correctly.

Step 8: Test Your SSL Certificate

After installation, it’s important to test your SSL certificate to ensure everything is working properly.

  • Visit the following site to check the status of your SSL certificate: 
    https://www.ssllabs.com/ssltest/

Enter your domain name and click "Submit" to check if your certificate is installed correctly.

Step 9: Manually Renew the Certificate (if necessary)

Although Certbot automatically handles renewals, you can manually renew the certificate if needed.

  • To manually renew your SSL certificate, run: 
    sudo certbot renew

This command will renew your SSL certificate if it's close to expiring.

Step 10: Configure Your Web Server for SSL

If Certbot did not automatically configure your server to redirect HTTP traffic to HTTPS, you can manually edit the Apache configuration.

  • Edit your Apache site configuration:

    sudo nano /etc/apache2/sites-available/000-default.conf

  • Inside the configuration file, find the following line:

    <VirtualHost *:80>

  • Add the following redirect rule inside the <VirtualHost> block:

    Redirect permanent / https://<your-domain>/

  • Save the file and restart Apache:

    sudo systemctl restart apache2

Now, all HTTP traffic will be redirected to HTTPS, ensuring secure connections to your website.

With these steps completed, you now have a free SSL certificate installed on your VPS using Let’s Encrypt. Your website will be securely served over HTTPS, improving both security and user trust.

Was this answer helpful? 0 Users Found This Useful (0 Votes)

Most Popular Articles

How to Fix the SSH "Connection Refused" Error

How to Fix the SSH "Connection Refused" Error   When you try to connect to your QuickServers...
A Beginner's Guide on How to Use a VPS

A Beginner's Guide on How to Use a VPS   A Virtual Private Server (VPS) is a popular option for...
How to Create an FTP Server on a VPS: A Beginner's Guide

How to Create an FTP Server on a VPS: A Beginner's Guide   Step 1: Connect to your VPS The...
How to enable SSH on a VPS

How to enable SSH on a VPS   SSH (Secure Shell) is a secure and encrypted protocol that allows...
How to Remote Desktop into a Windows VPS

How to Remote Desktop into a Windows VPS   Every Preinstalled Windows VPS at QuickServers comes...