HostOnNet Blog

Install LetsEncrypt on Linux Server

LetsEncrypt is a Free SSL provider.

Install LetsEncrypt

To install LetsEncrypt, run

cd /usr/bin
wget https://dl.eff.org/certbot-auto
chmod a+x /usr/bin/certbot-auto

Generate SSL certificate

To generate SSL for a web site, run

certbot-auto --apache -d YOUR-DOMAIN.EXT -d www.YOUR-DOMAIN.EXT

Auto Renew SSL with Cronjob

LetsEncrypt SSL certificate expire after 90 days of issuing. To renew it, run following cronjob.

crontab -e

Add

30 2 * * 1 /usr/bin/certbot-auto renew >> /var/log/le-renew.log

List All SSL certificates on a server

To list all SSLs, run

certbot-auto certificates

Example

root@server:~# certbot-auto certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Found the following certs:
  Certificate Name: vesta.webhostingneeds.com
    Domains: vesta.webhostingneeds.com
    Expiry Date: 2018-02-19 02:57:36+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/vesta.webhostingneeds.com/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/vesta.webhostingneeds.com/privkey.pem
-------------------------------------------------------------------------------
root@server:~# 

Posted in Security