How To Secure Apache with Let’s Encrypt on Ubuntu 16.04

(Last Updated On: 18 Dec 2017)

Introduction

This tutorial will show you how to set up a TLS/SSL certificate from Let’s Encrypt on an Ubuntu 16.04 server running Apache as a web server.

SSL certificates are used within web servers to encrypt the traffic between the server and client, providing extra security for users accessing your application. Let’s Encrypt provides an easy way to obtain and install trusted certificates for free.

 

Prerequisites

In order to complete this guide, you will need:

  1. An Ubuntu 16.04 server with a non-root sudo-enabled user, which you can set up by following our Initial Server Setup guide
  2. The Apache web server installed with one or more domain names properly configured through Virtual Hosts that specify ServerName.

When you are ready to move on, log into your server using your sudo-enabled account.

 

Step 1 — Install the Let’s Encrypt Client

Let’s Encrypt certificates are fetched via client software running on your server. The official client is called Certbot, and its developers maintain their own Ubuntu software repository with up-to-date versions. Because Certbot is in such active development it’s worth using this repository to install a newer version than Ubuntu provides by default.

First, add the repository: MORE.. OR MORE…