In this tutorial, we'll explain how to install Let’s Encrypt SSL Certificates on Ubuntu 24.04. This tutorial covers everything from setting up Certbot, obtaining SSL certificates, configuring automatic renewals, and ensuring your server is always protected. Follow along to secure your site with HTTPS, protect your visitors’ data, and boost your SEO with free, automated SSL certificates.
Let’s Encrypt is a free, automated, and open certificate authority (CA) that provides SSL/TLS certificates to secure websites. By offering these certificates at no cost, Let’s Encrypt makes it easy for everyone to use HTTPS, improving privacy and security across the web. Let’s Encrypt’s certificates are trusted by all major browsers, helping to create a more secure and privacy-respecting web.
Certbot is a powerful, user-friendly command-line tool that helps you obtain and renew SSL certificates from Let’s Encrypt. Developed by the Electronic Frontier Foundation (EFF), Certbot simplifies the process of setting up HTTPS on your web server. It automatically configures your web server (Apache or Nginx) to use the newly issued certificates and handles the certificate renewal process to ensure your site remains secure with minimal effort.
By using Let’s Encrypt and Certbot, you can easily secure your websites, protect user data, and maintain a modern web presence with trusted encryption standards—all without the need for costly certificates or complicated manual setup.
Prerequisites
Before installing Let’s Encrypt SSL, ensure you have the following:
- A Domain Name: Ensure your domain is pointed to your server.
- A Ubuntu 24.04 installed dedicated server or KVM VPS.
- Web Server Installed: Apache or Nginx installed and configured.
- Sudo Privileges: You need administrative access to your server.
Install Let’s Encrypt SSL Certificates on Ubuntu
Step 1: Update Your Server
Start by updating your package lists to ensure all installed packages are up-to-date.
sudo apt update && sudo apt upgrade -y
Step 2: Install Certbot
Certbot is a free, open-source software tool for obtaining and renewing Let’s Encrypt SSL certificates. Install Certbot and the plugin for your web server:
For Apache:
sudo apt install certbot python3-certbot-apache -y
For Nginx:
sudo apt install certbot python3-certbot-nginx -y
Step 3: Allow HTTPS Traffic Through the Firewall
If your firewall is enabled, ensure it allows HTTP (port 80) and HTTPS (port 443) traffic.
sudo ufw allow 'Nginx Full' # For Nginx
# or
sudo ufw allow 'Apache Full' # For Apache
Step 4: Obtain an SSL Certificate
Use Certbot to obtain the SSL certificate. Certbot will automatically update your web server’s configuration files.
For Apache:
sudo certbot --apache
For Nginx:
sudo certbot --nginx
You will be prompted to enter your email address and agree to the terms of service. Certbot will automatically detect your domain name(s) from your web server configuration. Select the domain(s) you want to secure.
Step 5: Verify the SSL Certificate Installation
After the installation, you can verify the SSL certificate status by visiting your website using https://. You can also check the certificate details using the following command:
sudo certbot certificates
Step 6: Set Up Automatic Certificate Renewal
Let’s Encrypt certificates are valid for 90 days, but Certbot installs a cron job to automatically renew certificates before they expire. To test this renewal process, run:
sudo certbot renew --dry-run
If no errors appear, your certificates will renew automatically when needed.
Step 7: Configure Auto-Renewal (Optional)
Even though Certbot usually sets up automatic renewal, it’s good to verify or customize the renewal process. You can create a cron job to regularly check and renew certificates.
Open the cron jobs list:
sudo crontab -e
Add the following line at the bottom to check for certificate renewal twice a day:
0 */12 * * * certbot renew --quiet
This command will renew the certificates automatically without any output unless there’s an error.
Conclusion
By following this guide, we’ve successfully seen how to install Let’s Encrypt SSL Certificates on Ubuntu 24.04. and automated the renewal process. This enhances the security of your website, providing users with a secure and trusted connection. Regularly monitor your SSL status to ensure smooth renewals and stay updated with the latest security practices.
