Let's Encrypt on Debian/Ubuntu and Apache
This mini guide assumes you know how to set up a basic non-https domain in Debian or Ubuntu with Apache, once that's done you can follow on here how you extend it to a free certificate from Let's Encrypt.
Install the tool
First install the Let's Encrypt tool, this tool does almost all the work for you. You can install it with this one line command:
cd /usr/local/sbin && sudo wget https://dl.eff.org/certbot-auto
Make all domains auto update
The command for renewing your certificates is
certbot-auto renew but instead of doing this manually every month we can set up a cron task to do it.
Open the cron editor
sudo crontab -e
And add this line, which will auto renew all your certificates from Let's Encrypt
30 2 * * 1 /usr/local/sbin/certbot-auto renew >> /var/log/le-renew.log
All you have to do now in order to install a certificate is to run this command. You can add as many
-d arguments as you want if you want to assign that certificate to more domains and subdomains.
sudo certbot-auto --apache -d example.com -d www.example.com
Certbot will ask you if you allow both http and https, it will say the first is easier, in my opinion both are equally easy and requires no more to be done from here.
Also featured on My blog at blog.emilmoe.com
That's some neat trick @emilmoe . Lately hearing some good things about Lets encrypt but still I'm too skeptical to go with it. Maybe I will start using it for my pet projects and later on use it in production apps. But, what do you think about it?
I have no regrets for Let's Encrypt.
I'm am currently using it on my personal website emilmoe.com and 2 projects (non public). One of them has been active for 8 months the other just launched. The last one needed a proprietary single sign on, which means it had to be approved manually, Let's Encrypt was good enough for this.
As far as I have read the level of encryption is exactly as the known brands.
I will be using Let's encrypt soon. This article ll be helpful. :)