Installing Let’s Encrypt SSL certificate on Ubuntu 16.04/apache web server

More about Let’s Encrypt  and it’s FREE!!!

Make sure a domain is assigned to the server IP address before you begin assigning SSL certificates.

Step 1: Let’s install Let’s Encrypt client from their official repositories.

As usual, root@localhost:~# apt-get update 

root@localhost:~# apt-get install python-letsencrypt-apache


Select Y to continue installing client

Step 2:

Now the client is installed, lets install the actual SSL certificate. The client will automatically obtain and install a new SSL certificate that is valid for the domains provided as parameters.

root@localhost:~# letsencrypt --apache -d

9 10 11 12 13 14

LetsEncrypt certificate is now installed. If  you want to extend the certificate to subdomains, here WWW

letsencrypt --apache -d -d
15 16

Try accessing your website, you should see https now.


Step 3: Auto renewal

LetsEncrypt SSL certificates expire every 90 days. To renew certificates installed on the server root@localhost:~# letsencrypt renew


Here, there is no expiring certificates currently, so no renewals were attempted.

You can also automate renewals by creating cron job

Let’s edit the crontab to create a new job that will run the renewal command every week. To edit the crontab for the root user, run:

crontab -e



You may be prompted to select an editor:

Press Enter to use nano, the default.

Include the following content at the end of the crontab, all in one line:

20 21
Confirmation output :


Save and exit. This will create a new cron job that will execute the letsencrypt-auto renew command every Monday at 2:15 am.