If you get the following whilst running
sudo apt-get install certbot:
Building dependency tree Reading state information... Done E: Unable to locate package certbot
... Then you can use this guide to install certbot.
If it is already installed, then you can skip to step 2.
First, add the following repository:
sudo add-apt-repository ppa:certbot/certbot
You will need to hit
[ENTER] to ensure this repo is added.
After, update your package list:
sudo apt-get update
Finally you can install certbot. Note it is called
sudo apt-get install python-certbot-apache
You will have to hit
Y to ensure this package is installed.
certbot is ready to use!
apache, you can try running the following command to setup the SSL certificate automatically. If you are using another server, or you would prefer to install it yourself, then follow
option 2 below.
Be sure to replace
example.com with your own domain!
sudo certbot --apache -d example.com
You can configure an SSL certificate for multiple domains using multiple
-d flags - for example:
-d www.example.com -d myawesomesubdomain.example.com
Run the following command to generate a free SSL certificate. Be sure to replace
/var/www/html with your website root directory, and
example.com with your domain name.
sudo certbot certonly --webroot -w /var/www/html -d example.com
Multiple domains can be chained with multiple
-d flags (as above).
After verification, you will have to add the SSL certificate to your apache config. Assuming your configuration is in
<VirtualHost *:443> ServerName example.com DocumentRoot /var/www/html SSLEngine on SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/example.com/fullchain.pem </VirtualHost>
Restart apache ...
sudo service apache2 restart
... and now your SSL certificate should now work!
You should setup a
cron job to ensure your SSL certificate renews itself.
First, open the
crontab file in edit mode:
sudo crontab -e
After, add the following:
30 2 * * * /usr/bin/certbot renew --quiet
This command (
30 2 * * *) means "run what follows at 2:30am each day". The
/usr/bin/certbot renew --quiet will renew your certificate if required.