Blog

Creating the SSL Certificate sudo a2enmod ssl sudo service apache2 restart Generate a Self-signed Certificate sudo openssl genrsa -out ca.key 2048 sudo openssl req -nodes -new -key ca.key -out ca.csr Lastly, generate a self-signed certificate (ca.crt) of X509 type valid for 365 keys. sudo openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt Create a directory to place the certificate files we have created. sudo mkdir /etc/apache2/ssl sudo...

Let's encrypt SSL certificates will get expired after 90 Days of installation and you must renew it before it get expired. Certbot Renew Command $ sudo certbot renew --dry-run Certbot Auto Renew Cron Job $ cat /etc/cron.d/certbot Content: # /etc/cron.d/certbot: crontab entries for the certbot package # # Upstream recommends attempting renewal twice a day # # Eventually, this will be an opportunity to validate certificates # haven't been revoked, etc....

Instruction is from certbot.eff.org with actual testing note. 1. Add Certbot PPA sudo apt-get update sudo apt-get install software-properties-common sudo add-apt-repository universe sudo add-apt-repository ppa:certbot/certbot sudo apt-get update 2. Install Certbot sudo apt-get install certbot python-certbot-apache 3. get and install your certs sudo certbot --apache or, just get a certificate sudo certbot certonly --apache 4. test automatic renewal sudo certbot renew --dry-run For wildcard, you should run acme-v02 for wildcard domains. $ sudo certbot certonly --manual...