Let’s Encrypt is a certificate authority providing free SSL certificates. The creation, validation, installation is automated with certbot — all major browsers trust certificates issued by Let’s Encrypt.
In this tutorial you will learn how to secure the Apache web server on Ubuntu Bionic Beaver with a Let’s Encrypt certificate using certbot.
Requirements:
- You have an account and are logged into console.scaleway.com
- You have configured your SSH Key
- You have sudo privileges or access to the root user.
1 . Start by updating the software already installed on the instance:
apt update
apt upgrade -y
2 . Install the Apache Web Server:
apt install apache2
3 . Create a directory for the website. In this tutorial myweb.example.com
is being used. Replace it with your domain name whenever you see it:
mkdir -p /var/www/html/myweb.example.com/public_html
4 . Create an index page for the website by running the following command:
nano /var/www/html/myweb.example.com/public_html/index.html
Then copy the following content into the file, save it and exit nano:
<html>
<head>
<title>myweb.example.com</title>
</head>
<body>
<h1>New Website</h1>
<p>This is the new website of myweb.exaple.com</p>
</body>
</html>
5 . Create a configuration file for the website, by making a copy of the default configuration:
cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/myweb.example.com.conf
6 . Open the file in a text editor:
/etc/apache2/sites-available/myweb.example.com.conf
Edit the following lines to match your configuration, add them to the file, save it and exit the editor:
ServerAdmin webmaster@myweb.example.com
ServerName myweb.example.com
ServerAlias www.myweb.example.com
DocumentRoot /var/www/html/myweb.example.com/public_html
Once edited the file should look like this example:
7 . Activate the new site:
a2ensite myweb.example.com
8 . Reload the Apache configuration to enable the new site:
systemctl reload apache2
1 . Install the pre-required packages and repositories:
apt install software-properties-common -y && add-apt-repository universe -y && add-apt-repository ppa:certbot/certbot -y
2 . Update the apt packet cache:
apt update
3 . Install Certbot via apt:
apt install certbot python-certbot-apache -y
1 . Run Certbot to request a certificate for the domain name:
certbot --apache
Certbot will ask you a series of questions:
Enter
on your keyboard.A
.Y
for yes or N
for no.1
for no or 2
for yes.- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://myweb.example.com
You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=myweb.example.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 . Verify the certificate by opening your site in a web browser:
You notice the small padlock icon indicating that the connection to your instance is encrypted now.