Using Let’s Encrypt With Apache2 (HTTPS Setup)

By ChatGPT as is:

Below is a clear step-by-step guide to using Let’s Encrypt (free SSL) with Apache2.
This assumes you already have a domain pointing to your server’s public IP.

✅ Using Let’s Encrypt With Apache2 (HTTPS Setup)

Method: Certbot (recommended)

Let’s Encrypt issues FREE SSL certificates, automated and trusted by browsers.

1. Install Certbot + Apache plugin

On Ubuntu/Debian:

sudo apt update
sudo apt install certbot python3-certbot-apache

2. Verify Apache VirtualHost for HTTP

You need a working HTTP site first:

sudo nano /etc/apache2/sites-available/yourdomain.conf

Example:

<VirtualHost *:80>
    ServerName yourdomain.com
    ServerAlias www.yourdomain.com
    DocumentRoot /var/www/yourdomain
</VirtualHost>

Enable it:

sudo a2ensite yourdomain.conf
sudo systemctl reload apache2

Test by visiting:

http://yourdomain.com

3. Allow ports (80 and 443)

Let’s Encrypt requires port 80 open.

sudo ufw allow 80
sudo ufw allow 443
sudo ufw reload

4. Obtain the SSL certificate

Now run Certbot:

sudo certbot --apache -d yourdomain.com -d www.yourdomain.com

Certbot will ask:

Choose the domain(s)
Redirect HTTP → HTTPS automatically (recommended)

Certbot will:

Create the certificate
Install it into Apache
Modify your VirtualHost
Reload Apache

5. Validate certificate installation

Visit:

https://yourdomain.com

Check padlock icon in browser.

6. Certificate auto-renew (built in)

Certbot automatically installs a cron job.

Test it:

sudo certbot renew --dry-run

If no errors → your SSL will auto-renew forever.

7. Where certificates are stored

Let’s Encrypt puts certs here:

/etc/letsencrypt/live/yourdomain.com/

You’ll see:

cert.pem (public certificate)
privkey.pem (private key)
chain.pem (CA chain)
fullchain.pem (cert + chain)

Apache config uses:

SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem

8. Optional: Force HTTPS manually (if you didn’t let certbot do it)

sudo nano /etc/apache2/sites-available/yourdomain.conf

Add redirect in port 80 VirtualHost:

<VirtualHost *:80>
    ServerName yourdomain.com
    Redirect permanent / https://yourdomain.com/
</VirtualHost>

Reload Apache:

sudo systemctl reload apache2

✔️ Summary

Step	Action
1	Install certbot + apache plugin
2	Ensure HTTP VirtualHost works
3	Open required ports
4	Run certbot to obtain SSL
5	Test HTTPS
6	Verify auto-renew
7	Check certificate file paths

Using Let’s Encrypt With Apache2 (HTTPS Setup)

✅ Using Let’s Encrypt With Apache2 (HTTPS Setup)

Method: Certbot (recommended)

1. Install Certbot + Apache plugin

2. Verify Apache VirtualHost for HTTP

3. Allow ports (80 and 443)

4. Obtain the SSL certificate

5. Validate certificate installation

6. Certificate auto-renew (built in)

7. Where certificates are stored

8. Optional: Force HTTPS manually (if you didn’t let certbot do it)

✔️ Summary

Related

Leave a Reply Cancel reply

Categories

Recent Posts

Topics

Grid

SMTP: Purpose, Installation, Steps, Data Format

Which ETF performed similarly to Bitcoin or closely? What performed the closet?

If I were putting CAD $5,000 into either SPSK or SPRE — which I’d choose, based on risk/reward and probabilities as of Today (Nov 28, 2025)

is SPRE a good purchase today

Is SPSK a Good Buy Today? A Clear Guide for Long-Term Investors

TFSA & RRSP Over-Contributions: What Canadians Need to Know (2025 Update)