Obtaining and Installing SSL Certificates with Let's Encrypt

Let's Encrypt provides free SSL certificates through the ACME protocol, with the Certbot client being the most popular implementation. Installing Certbot and obtaining certificates for your domain:

# Ubuntu/Debian
sudo apt update
sudo apt install certbot python3-certbot-apache python3-certbot-nginx

# CentOS/RHEL
sudo yum install epel-release
sudo yum install certbot python3-certbot-apache python3-certbot-nginx

For Apache, obtain and install certificates:

# Obtain certificate for Apache
sudo certbot --apache -d example.com -d www.example.com

# For manual configuration (recommended for better control)
sudo certbot certonly --webroot -w /var/www/html -d example.com -d www.example.com

For Nginx, the process is similar:

# Obtain certificate for Nginx
sudo certbot --nginx -d example.com -d www.example.com

# Manual configuration approach
sudo certbot certonly --webroot -w /usr/share/nginx/html -d example.com -d www.example.com

Configure automatic renewal to ensure certificates stay valid:

# Test renewal process
sudo certbot renew --dry-run

# Add to crontab for automatic renewal
sudo crontab -e
# Add this line:
0 0,12 * * * /usr/bin/certbot renew --quiet --post-hook "systemctl reload apache2"
# Or for Nginx:
0 0,12 * * * /usr/bin/certbot renew --quiet --post-hook "systemctl reload nginx"