Let's encrypt!
Installation of a free SSL/TLS certificate Update: 2022
You can get an SSL/TLS certificate for free. Ideal for small or medium scale projects. Very easy to use.
Let's encrypt for free does not provide a certificate with extensive or organizational validation.
Installation
The certificate can be installed using the Certbot utility or the manual mode. Certbot require that we have an SSH access to our web server with sudo
rights.
The Certbot documentation is very clear and guide us step-by-step on how to install the utility depending of the web server and distro we operate.
For example, the instructions to install Certbot on Ubuntu and Nginx can be found in the link below.
The snap utility is required to install Certbot.
Certbot installation
Create a symbolic link to be able to use the Certbot utility.
Creation of a certificate
The image below shows that I have successfully created a valid SSL/TLS. When a certificate is generated, it will created a certificate and a private key. It will modify automatically the certificate and the private key Nginx path in the configuration file.
Certification renewal
Renewal information can be found at
/etc/letsencrypt/renewal.
Outdated certificates will be archived in the path specified by the
archive_dir
variable.
We can simulate a certificate renewal with:
Resources
Last updated