Installing Let’s Encrypt SSL certificate on Ubuntu 16.04/apache web server

More about Let’s Encrypt¬†¬†and it’s FREE!!!

Make sure a domain is assigned to the server IP address before you begin assigning SSL certificates.

Step 1: Let’s install¬†Let’s Encrypt client from their official repositories.

As usual, root@localhost:~# apt-get update 

root@localhost:~# apt-get install python-letsencrypt-apache

8

Select Y to continue installing client
9

Step 2:

Now the client is installed, lets install the actual SSL certificate. The client will automatically obtain and install a new SSL certificate that is valid for the domains provided as parameters.

root@localhost:~# letsencrypt --apache -d jagadeeshmittapalli.com

9 10 11 12 13 14

LetsEncrypt certificate is now installed. If  you want to extend the certificate to subdomains, here WWW

letsencrypt --apache -d example.com -d www.example.com
15 16

Try accessing your website, you should see https now.

17

Step 3: Auto renewal

LetsEncrypt SSL certificates expire every 90 days. To renew certificates installed on the server root@localhost:~# letsencrypt renew

18

Here, there is no expiring certificates currently, so no renewals were attempted.

You can also automate renewals by creating cron job

Let’s edit the crontab to create a new job that will run the renewal command every week. To edit the crontab for the root user, run:

crontab -e

19

 

You may be prompted to select an editor:

Press Enter to use nano, the default.

Include the following content at the end of the crontab, all in one line:

20 21
Confirmation output :
22

 

Save and exit. This will create a new cron job that will execute the letsencrypt-auto renew command every Monday at 2:15 am.

Installing LAMP on Ubuntu Server 16.04 LTS

Let’s assume you got a VPS or Server on Cloud installed. Here i am trying with Ubuntu 16.04 (setup on other linux distros should be similar).

Before installing remember LAMP (Linux, Apache, MySQL, PHP)

Let’s install mySQL

root@localhost:~# apt-get install mysql-server

root@localhost:~# mysql_secure_installation

1

Select NO if you don’t want to change the root password and for the reset select Y.

2

Let’s install PHP now

We can once again leverage the apt system to install our components. We’re going to include some helper packages as well, so that PHP code can run under the Apache server and talk to our MySQL database:

root@localhost:~# apt-get install php libapache2-mod-php php-mcrypt php-mysql
This should install PHP without any problems. We’ll test this now

In most cases, we’ll want to modify the way that Apache serves files when a directory is requested. Currently, if a user requests a directory from the server, Apache will first look for a file called index.html. We want to tell our web server to prefer PHP files, so we’ll make Apache look for an index.php file first.

To do this, type this command to open the dir.conf file in a text editor with root privileges:

sudo nano /etc/apache2/mods-enabled/dir.conf

For reading text files on ubuntu, use nano. nano is the GNU version of pico and is essentially the same program under a different name.On Debian and Ubuntu Linux systems, nano can be installed with the command: sudo apt-get install nano

4

Move the PHP index file highlighted above to the first position after the DirectoryIndex specification, like this:

5

ctrl+X to close the nano, select Y to save changes and then press ENTER key

Restart the Apache web server in order for our changes to be recognized. You can do this by typing this:
root@localhost:~# systemctl status apache2

6

Let’s test php

We will call this script info.php. In order for Apache to find the file and serve it correctly, it must be saved to a very specific directory, which is called the “web root”.

In Ubuntu 14.04, this directory is located at /var/www/html/. We can create the file at that location by typing:

root@localhost:~# nano /var/www/html/info.php

7

Ctrl+X to close and Y to save and press ENTER to close the nano

Now we can test whether our web server can correctly display content generated by a PHP script. To try this out, we just have to visit this page in our web browser. You’ll need your server’s public IP address again.

The address you want to visit will be:

http://your_server_IP_address/info.php

You should see a PHP page, and details about your php version and other server info

Note: Make sure you remove the php file

root@localhost:~# rm /var/www/html/info.php

Now that the LAMP is installed successfully, we can install wordpress or phpmyadmin, or other software.

To install wordpress :

wget --no-check-certificate wordpress.org/latest.zip