Facebook Twitter Instagram
    TecAdmin
    • Home
    • FeedBack
    • Submit Article
    • About Us
    Facebook Twitter Instagram
    TecAdmin
    You are at:Home»Linux Distributions»Ubuntu»How to Setup Let’s Encrypt (Certbot) on Ubuntu 20.04

    How to Setup Let’s Encrypt (Certbot) on Ubuntu 20.04

    By RahulSeptember 7, 20223 Mins Read

    Certbot is a command-line utility for managing Let’s Encrypt SSL certificates on a Linux system. It allows you to request a new SSL certificate, do the authorization and configure your web server for SSL settings. It also helps you to renew certificates issued by the Let’s Encrypt certificate authority.

    Advertisement

    This tutorial helps you to install and use Certbot (A Let’s Encrypt client) on Ubuntu 20.04 LTS Linux system.

    Prerequisites

    You must fulfill the followings:

    • A running Ubuntu 20.04 system with sudo privileged account access.
    • Apache web server with virtual host configured with a real domain or subdomain.
    • Domain or sub-domain must be pointed correctly to web server IP address.

    Step 1 – Installing Certbot

    Certbot is a tool to obtain certificates from Let’s Encrypt and configure them on your web server. The Snap package is the easiest way for installing the certbot on the Ubuntu system.

    Open a terminal and execute the below command to install certbot:

    sudo snap install --classic certbot 
    

    Step 2 – Generate SSL Certificate

    Now, You can request SSL certificates from Let’s encrypt based on the web server.

    1. Apache – The systems running Apache web server, execute the following command. This will list all the domains/sub-domains configured on your web server. Select appropriate numbers to request a certificate.
      sudo certbot --apache 
      
    2. Nginx – For the systems running Nginx web server, use below command to request for the SSL certificates.
      sudo certbot --nginx 
      
    3. Get Certificate Only – For the system having any other web servers running except Apache or Nginx. Then you can get the certificate only and configure them manually.

      This command will ask you for the domain name and document root for the domain.

      sudo certbot certonly --webroot 
      
    4. No Web Server – The systems have no web server running, can also request a SSL certificate. The below command will ask you for the domain name and start a temporary web server on port 80 to complete the verification.
      sudo certbot certonly --standalone 
      

    While using the above commands, the domain must be pointed to the server in DNS. Also, ensure that /.well-known/acme-challenge is served by the web server.

    Step 3 – Test SSL

    Once the SSL certificate is installed on the web server, visit https://your-domain.com/ in a web browser and look for the SSL lock icon in the URL bar. You can also do a security scan for the SSL setup on https://www.ssllabs.com/ssltest/.

    Verify lets encrypt SSL

    Step 3 – Renew SSL Certificate

    A Let’s Encrypt certificate is issued for the 3 months only. You need to renew the certificate before 30 days of expiry. Certbot allows you a hassle-free renewal just by running a single command.

    Run the below command to renew all the certificates on that system.

    sudo certbot renew 
    

    You can also run a dry run without actual renewal. This will help you to test if SSL renewal performs well.

    sudo certbot renew --dry-run 
    

    Conclusion

    In this tutorial, you have learned to install certbot on the Ubuntu system. Also helped you to create new certificates for your web servers.

    certbot Let's Encrypt SSL Ubuntu 20.04
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email WhatsApp

    Related Posts

    Apt configuration file options /etc/apt/apt.conf

    How to Setup DKIM (DomainKeys) with Postfix

    A Step-by-Step Guide to Installing OpenDKIM with Postfix on Ubuntu – Unleash the Power of DKIM!

    Create Let's Encrypt SSL with Certbot

    How to Generate Let’s Encrypt SSL using Certbot

    View 5 Comments

    5 Comments

    1. Renan on August 26, 2021 8:07 pm

      Here it says: “Certbot has set up a scheduled task to automatically renew this certificate in the background.”.

      Now I’m in doubt.

      Do I need to set up a task on crontab to automatically run “sudo certbot renew” command?

      Thank you for the nice post!

      Reply
    2. Rafael on July 14, 2021 12:05 pm

      Posso executar esse comando para que a renovação aconteça de forma automática sem intervenção humana?

      0 2 * * * sudo / usr / sbin / certbot-auto -q renew

      Desde já agradeço

      Reply
      • Rahul on July 15, 2021 6:24 am

        Yes, Just make sure the certbot binary path is correct

        Reply
      • Maycon Marchiori on October 27, 2021 2:20 pm

        0 5 * * * /snap/bin/certbot renew –quiet

        Reply
    3. David Armando Rozo on February 6, 2021 3:24 am

      thanks very much!

      Reply

    Leave A Reply Cancel Reply

    Advertisement
    Recent Posts
    • Implementing a Linux Server Security Audit: Best Practices and Tools
    • cp Command in Linux (Copy Files Like a Pro)
    • 15 Practical Examples of dd Command in Linux
    • dd Command in Linux (Syntax, Options and Use Cases)
    • Iptables: Common Firewall Rules and Commands
    Facebook Twitter Instagram Pinterest
    © 2023 Tecadmin.net. All Rights Reserved | Terms  | Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.