More about Let’s Encrypt and it’s FREE!!!
Make sure a domain is assigned to the server IP address before you begin assigning SSL certificates.
Step 1: Let’s install Let’s Encrypt client from their official repositories.
root@localhost:~# apt-get update
root@localhost:~# apt-get install python-letsencrypt-apache
Select Y to continue installing client
Now the client is installed, lets install the actual SSL certificate. The client will automatically obtain and install a new SSL certificate that is valid for the domains provided as parameters.
root@localhost:~# letsencrypt --apache -d jagadeeshmittapalli.com
LetsEncrypt certificate is now installed. If you want to extend the certificate to subdomains, here WWW
letsencrypt --apache -d example.com -d www.example.com
Try accessing your website, you should see https now.
Step 3: Auto renewal
LetsEncrypt SSL certificates expire every 90 days. To renew certificates installed on the server
root@localhost:~# letsencrypt renew
Here, there is no expiring certificates currently, so no renewals were attempted.
You can also automate renewals by creating cron job
Let’s edit the crontab to create a new job that will run the renewal command every week. To edit the crontab for the root user, run:
You may be prompted to select an editor:
nano, the default.
Include the following content at the end of the crontab, all in one line:
Save and exit. This will create a new cron job that will execute the
letsencrypt-auto renew command every Monday at 2:15 am.