Let’s Encrypt is a free, automated and open certificate authority (CA). It is very useful and efficient way to get SSL certificates. Only you have to do is configure it so that it will rotate SSLs once it gets expired. And Off-course you need your own domain.
Following below steps you can configure and install SSL certificates using Let’s Encrypt
Install Certbot
Certbot is a command-line tool that can be used to request and install SSL certificates from Let’s Encrypt. You can install Certbot on your server by following the instructions on the Certbot website.
Request SSL certificate
Once Certbot is installed, you can request an SSL certificate from Let’s Encrypt using the following command:
sudo certbot certonly --webroot --webroot-path /var/www/html -d example.com -d www.example.com
Replace “example.com” with your own domain name. This command will generate a new SSL certificate and store it on your server.
Configure Apache
Next, you need to configure Apache to use the new SSL certificate. Open the Apache configuration file for your website using the following command:
sudo nano /etc/apache2/sites-available/example.com.conf
Add the following lines to the file:
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
Make sure to replace “example.com” with your own domain name. Save and close the file.
Restart Apache
After making changes to the Apache configuration file, you need to restart Apache for the changes to take effect. Use the following command to restart Apache:
sudo systemctl restart apache2
Verify SSL
Finally, you can verify that your SSL certificate is installed correctly by visiting your website using HTTPS. If everything is working correctly, you should see a green padlock icon in your web browser’s address bar.
That’s it! You have now successfully configured SSL using Let’s Encrypt on your Apache server.