Certbot is a wonderful tool you can use to: Generate a SSL certificate with LetsEncrypt and automatically install and configure it on your webserver.
Prerequisites
You'll need a website that's already online and hosted on a server. Obviously a domain is also necessary.
Installing Certbot...
on Debian 11/10
First we'll have to install snapd:
$ sudo apt update
$ sudo apt install snapdNow ensure that your version of snap is up to date by runnig this command:
$ sudo snap install core; sudo snap refresh coreMake sure to remove any old certbot installations:
$ sudo apt-get remove certbotThen, install Certbot:
$ sudo snap install --classic certbotExecute the following command to ensure that the certbot command can be run:
$ sudo ln -s /snap/bin/certbot /usr/bin/certboton Ubuntu 20
Ensure that your version of snap is up to date by runnig this command:
$ sudo snap install core; sudo snap refresh coreMake sure to remove any old certbot installations:
$ sudo apt-get remove certbotThen, install Certbot:
$ sudo snap install --classic certbotExecute the following command to ensure that the certbot command can be run:
$ sudo ln -s /snap/bin/certbot /usr/bin/certboton CentOS 8
If you don’t already have the CentOS repository added to your distribution, it can be added as follows:
$ sudo dnf install epel-release
$ sudo dnf upgrade
Then, simply install snapd with yum:
$ sudo yum install snapdOnce installed, the systemd unit that manages the main snap communication socket needs to be enabled:
$ sudo systemctl enable --now snapd.socketTo enable classic snap support, enter the following to create a symbolic link between /var/lib/snapd/snap and /snap:
$ sudo ln -s /var/lib/snapd/snap /snapEither log out and back in again or restart your system to ensure snap’s paths are updated correctly.
Now ensure that your version of snap is up to date by runnig this command:
$ sudo snap install core; sudo snap refresh coreMake sure to remove any old certbot installations:
$ sudo yum remove certbotThen, install Certbot:
$ sudo snap install --classic certbotExecute the following command to ensure that the certbot command can be run:
$ sudo ln -s /snap/bin/certbot /usr/bin/certbotCreate and install certificate
Just get a certificate
If you don't want to automatically install and configure the certbot certificate, run this command to only generate it:
$ sudo certbot certonly --your_webserverWhat to replace your_webserver with
- For apache use
apache - For nginx use
nginx - For HAProxy or other
standalone
So for example sudo certbot certonly --nginx
This will just put the certificate and key under /etc/letsencrypt/live/your_domain/.
Automatically install it
If you want to automatically install and also configure it in your webserver, run this command with your corresponding web server:
$ sudo certbot --your_webserverWhat to replace your_webserver with
- For apache use
apache - For nginx use
nginx - For HAProxy or other
webroot
For examlpe sudo certbot --nginx
Confirm that Certbot worked
To confirm that your site is set up properly, visit https://yourwebsite.com/ in your browser and look for the lock icon in the URL bar.
Conclusion
In this article I showed you: How to install and use Certbot on three different platforms and with three different web servers. If I have helped you, consider signing up for free to get access to all my guides and my newsletter.