In this article, we will have explained the necessary steps to install and configure Apache with Let’s Encrypt on Ubuntu 20.04 LTS. Before continuing with this tutorial, make sure you are logged in as a user with
sudo privileges. All the commands in this tutorial should be run as a non-root user.
Let’s Encrypt is a certificate authority that provides free SSL certificates for the website, operating since April 2016, and supported by companies and internet organizations of the world such as Mozilla, Cisco, Chrome, Akamai, etc. It simplifies the process by providing a software client, Certbot, that attempts to automate most (if not all) of the required steps. Certificates issued by Let’s Encrypt are valid for 90 days from the issue date and trusted by all major browsers today.
Secure Apache with Let’s Encrypt on Ubuntu 20.04
Step 1. First, before you start installing any package on your Ubuntu server, we always recommend making sure that all system packages are updated.
sudo apt update sudo apt upgrade sudo snap install core sudo snap refresh core
Step 2. Install Certbot.
Run this command on the command line on the machine to install Certbot:
sudo snap install --classic certbot
Next, the following instructions on the command line on the machine to ensure that the certbot command can be run:
sudo ln -s /snap/bin/certbot /usr/bin/certbot
After that, run this command to get a certificate and have Certbot edit your Apache configuration automatically to serve it, turning on HTTPS access in a single step:
sudo certbot --apache
Step 3. Checking Certificate Status.
You can ensure that Certbot created your SSL certificate correctly by using the SSL Server Test from the cloud security company Qualys. Open the following link in your preferred web browser, replacing
example.com with your base domain:
Step 4. Set up automatic renewal Let’s Encrypt.
Let’s Encrypt’s certificates are valid for 90 days. To automatically renew the certificates before they expire, the certbot package creates a cronjob that runs twice a day and automatically renews any certificate 30 days before its expiration:
sudo certbot renew --dry-run
That’s all you need to do to secure Apache with Let’s Encrypt on Ubuntu 20.04 LTS Focal Fossa. I hope you find this quick tip helpful. If you have questions or suggestions, feel free to leave a comment below.