Let’s encrypt is an open source certificate authority that provides free ssl using ACME Protocol backed by some big brands like cisco, mozilla and facebook with a mission to secure the internet. Today supported by major cloud platforms and operating systems.
sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/example.com.conf
Certbot have an Apache plugin that can install the certificate automatically based on the virtual host and Server Alias Running this command will automatically obtain certificates for the listed domains
$ sudo certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
1: example.com
2: www.example.com
As Let’s encrypt ssl is valid for 90 days so we have to explicitly renew the ssl certificate there is a command for that also that setup cron on our server to regularly check for expired certificate and automatically renew them.
$ sudo certbot renew --dry-run
1. Go to the Instance Detail and click Edit
2. Enable Https Support in the firewall settings
1. Goto Network Details
2. Add Firewall rule if not created automatically like this
Certbot have an Apache plugin that can install the certificate automatically based on the virtual host and Server Alias Running this command will automatically obtain certificates for the listed domains