Let’s Encrypt is a certificate authority (CA) providing free SSL/TLS certificates for enhanced security freely.
Setup Let’s Encrypt Client
We can download the certbot-auto Let’s Encrypt client and save it in /usr/sbin directory. Use following command to do it.
$ sudo wget https://dl.eff.org/certbot-auto -O /usr/sbin/certbot-auto $ sudo chmod a+x /usr/sbin/certbot-auto
Create SSL Certificate
Let’s Encrypt performs Domain Validation (DV) automatically with multiple challenges. Once Certificate Authority (CA) verified authenticity of your domain, ssl certificate is issued.
$ sudo certbot-auto certonly --standalone -d example.com -d www.example.com
After getting sucess of all validations, certificate files will be places under below path.
$ cd /etc/letsencrypt/live/example.com $ ls
Files List: cert.pem chain.pem fullchain.pem privkey.pem
Configure SSL in VirtualHost
Please find below configurations for Apache and Nginx web server. Edit virtual host configuration file and add below entries for certificate.
Nginx:
ssl on; ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
Apache:
SSLEngine on SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
Thanks for Visit Here
Comments
Post a Comment