Ubuntu

Install Let’s Encrypt SSL Certificate in Apache on Ubuntu 22.04 | Holhol24

By holhol24
5

Let’s Encrypt is a certificates authority that gives unfastened SSL certificate for internet sites. It was once introduced in 2014 to verify all internet sites are protected and HTTPS. More than 250 million internet sites use it.

In addition to providing SSL certificate, it additionally handles implementation and automated renewal of certificate in the course of the Certbot consumer.

Here, we can see easy methods to set up Let’s Encrypt SSL Certificate in Apache on Ubuntu 22.04.

Prerequisites
Install Apache Webserver

Before continuing additional, set up the Apache webserver for your machine.

READ: How to Install LAMP Stack on Ubuntu 22.04

OR

Use the apt command to put in the Apache webserver on my own if you want to host just a simple HTML web site.

sudo apt replace

sudo apt set up -y apache2

Then, use the beneath command to permit SSL and rewrite modules.

sudo a2enmod ssl rewrite
Create Apache Virtualhost

First, create an Apache digital host to serve the HTTP model of the site.

sudo nano /and so forth/apache2/sites-available/www.holhol24.web.conf

Then, use the beneath configuration on your site. Do keep in mind to switch ServerName, ServerAlias, and Directory stanza in response to your requirement. If you don’t use the www subdomain, you’ll take away the ServerAlias.

ServerName holhol24.web
ServerAlias www.holhol24.web
ServerAdmin admin@holhol24.web
DocumentRoot /var/www/html/www.holhol24.web

ErrorLog ${APACHE_LOG_DIR}/www.holhol24.net_error.log
CustomLog ${APACHE_LOG_DIR}/www.holhol24.net_access.log mixed


Options FollowSymlinks
AllowOverride All
Require all granted

Once you may have created the digital host configuration document, permit the site.

sudo a2ensite www.holhol24.web

Next, create a root listing to carry your site’s information.

sudo mkdir -p /var/www/html/www.holhol24.web/

Then, trade the possession and workforce of the listing.

sudo chown -R www-data:www-data /var/www/html/www.holhol24.web/

Finally, position the check HTML document at the site’s file root.

echo “This is a test site @ www.holhol24.net” | sudo tee /var/www/html/www.holhol24.web/index.html

Then, restart the Apache carrier to re-read the configurations.

sudo systemctl restart apache2
Install Let’s Encrypt SSL Certificate in Apache
Create / Update DNS Record

To generate a Let’s Encrypt SSL certificates, you should level your area to the server IP. So, move in your area registrar and create an A/CNAME document for the area. For instance, the beneath symbol presentations the A/CNAME data for the area www.holhol24.web.

NOTE: After making adjustments within the DNS data, it is important to look ahead to a couple of mins to hours to mirror, relying at the TTL you put for the document.

DNS RecordsInstall Certbot

The Certbot ACME consumer handles the certificates issuance and set up with out downtime. It is out there as a snap package deal for Ubuntu working machine. So, first, set up the Snapd package deal.

sudo apt replace

sudo apt set up -y snapd

Then, replace the snapd to the newest model.

sudo snap set up core; sudo snap refresh core

Finally, set up the Certbot consumer the use of the snap command.

sudo snap set up –classic certbot

sudo ln -s /snap/bin/certbot /usr/bin/certbot
Install Let’s Encrypt Certificate

Use the certbot command to create a Let’s Encrypt certificates and configure Apache to make use of the certificates.

sudo certbot –apache

You will wish to practice the interactive suggested and set up the certificates. Since I’ve two domain names, I will be able to set up SSL certificate for each domain names.

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter electronic mail deal with (used for pressing renewal and safety notices)
(Enter ‘c’ to cancel): admin@holhol24.com Once you turn on HTTPS on your area, the Certbot consumer will upload rewrite laws to redirect visitors from HTTP to the HTTPS web site.

By default, it puts two laws for redirections.

http://holhol24.web >> https://holhol24.web
http://www.holhol24.web >> https://www.holhol24.web

As you’ll see, the primary redirection has no longer reached the www HTTPS model of the area. So, you could wish to practice the beneath phase to set it up. If you don’t use the www area, you’ll skip the following phase.

Redirect non-www HTTP requests to www HTTPS with Apache

You might need to configure the Apache webserver to redirect the visitors from the non-www HTTP web site to the WWW HTTPS web site, I.e., http://holhol24.web >> https://www.holhol24.web.

So, edit the Let’s Encrypt SSL digital host document (no longer your unique digital host document).

sudo nano /and so forth/apache2/sites-available/www.holhol24.net-le-ssl.conf

Then, upload the beneath laws prior to the . Change the area identify as in step with your requirement.

# Redirect NON-WWW HTTP to WWW HTTPS
RewriteEngine on
RewriteCond %{SERVER_NAME} =holhol24.web
RewriteRule ^ https://www.holhol24.web%{REQUEST_URI} [END,NE,R=permanent]1,L]

Finally, restart the Apache carrier.

sudo systemctl restart apache2

Verify Let’s Encrypt Certificate

You can test the Let’s Encrypt certificates by means of visiting your site.

http://your-http-web-site

OR

https://your-https-web-site

You must get the HTTPS model of your web site now.

Let’s Encrypt SSL CertificateTest SSL Certificate

Test your Let’s Encrypt SSL certificates for any problems and its safety scores by means of going to the beneath URL.

https://www.ssllabs.com/ssltest/analyze.html?d=www.holhol24.web

Renew Let’s Encrypt Certificate

By default, Let’s Encrypt certificate have 90 days of validity and need to be renewed on time. However, the renewal procedure is now automatic via a systemd carrier equipped by means of the Certbot consumer. So, you wouldn’t have to resume them manually.

However, it is strongly recommended to simulate certificates renewals to verify no problems.

sudo certbot renew –dry-run

Output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Processing /and so forth/letsencrypt/renewal/holhol24.web.conf
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Account registered.
Simulating renewal of an current certificates for holhol24.web and www.holhol24.web

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Congratulations, all simulated renewals succeeded:
/and so forth/letsencrypt/reside/holhol24.web/fullchain.pem (good fortune)
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

The above output confirms that the check renewal is a hit, and the automated renewal will occur as anticipated.

Conclusion

That’s All. I am hoping you realized easy methods to set up Let’s Encrypt SSL Certificate in Apache on Ubuntu 22.04.

holhol24

I am a Linux server pro admin and enthusiast, an upcoming web developer, junior php developer.

I am currently a content creator for Holhol24, I love to play with Linux and all other distributions of it.

I loves working with computers and strongly believes in sharing knowledge. Follow me For more insight into what is happening in Tech.

You might also like More from author

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More