configure apache lets encrypt
Jump toUpdate content

Configuring Let's Encrypt with Apache on Ubuntu Bionic

Reviewed on 20 September 2023 • Published on 23 May 2019
  • compute
  • Let's-Encrypt
  • Apache
  • Ubuntu-Bionic
  • SSL-certificates

Let’s Encrypt Overview

Let’s Encrypt is a certificate authority providing free SSL certificates. The creation, validation, installation is automated with certbot — all major browsers trust certificates issued by Let’s Encrypt.

In this tutorial you will learn how to create a website for Apache to serve, then secure the Apache web server on Ubuntu Bionic Beaver with a Let’s Encrypt certificate using certbot.

Security & Identity (IAM):

You may need certain IAM permissions to carry out some actions described on this page. This means:

  • you are the Owner of the Scaleway Organization in which the actions will be carried out, or
  • you are an IAM user of the Organization, with a policy granting you the necessary permission sets

Installing Apache

  1. Connect to your Instance via SSH, and update the software already installed:

    apt update
    apt upgrade -y
  2. Install the Apache web server:

    apt install apache2
  3. Create a directory for the website. In this tutorial we use myweb.example.com. Replace it with your domain name whenever you see it:

    mkdir -p /var/www/html/myweb.example.com/public_html
  4. Create an index page for the website by running the following command:

    nano /var/www/html/myweb.example.com/public_html/index.html

    Then copy the following content into the file, save it and exit nano:

    <h1>New Website</h1>
    <p>This is the new website of myweb.exaple.com</p>
  5. Create a configuration file for the website, by making a copy of the default configuration:

    cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/myweb.example.com.conf
  6. Open the file in a text editor:

    nano /etc/apache2/sites-available/myweb.example.com.conf

    E dit the following lines to match your configuration, add them to the file, save it and exit the editor:

    ServerAdmin webmaster@myweb.example.com
    ServerName myweb.example.com
    ServerAlias www.myweb.example.com
    DocumentRoot /var/www/html/myweb.example.com/public_html

    Once edited the file should look like this example:

  7. Activate the new site:

    a2ensite myweb.example.com
  8. Reload the Apache configuration to enable the new site:

    systemctl reload apache2.service

Installing Certbot

Install Certbot via apt:

apt install certbot python3-certbot-apache -y

Running Certbot

  1. Run Certbot to request a certificate for the domain name:

    certbot --apache

    Certbot will ask you a series of questions:

    • Firstly, Certbot asks for your email address. Enter it and press Enter on your keyboard.
    • You will then be asked to agree to the terms of service. Do so by pressing Y.
    • Decide if you want to share your email address with the Electronic Frontier Foundation (EFF). Press Y for yes or N for no.
    • Next, you will be asked for which domains you want to activate SSL. Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown.
    • Certbot asks if all traffic should be forced to HTTPS. Type 1 for no or 2 for yes.
    • The certificate is requested and the following message appears once it has been obtained:
      Congratulations! You have successfully enabled https://myweb.example.com
      You should test your configuration at:
  2. Verify the certificate by opening your site in a web browser:

The small padlock icon indicates that the connection to your Instance is now encrypted.