<\/p>\n\n\n\n
By ChatGPT as is:<\/p>\n\n\n\n
Below is a clear step-by-step guide to using Let\u2019s Encrypt (free SSL) with Apache2<\/strong>. Let\u2019s Encrypt issues FREE SSL certificates, automated and trusted by browsers.<\/p>\n\n\n\n On Ubuntu\/Debian:<\/p>\n\n\n\n You need a working HTTP site first:<\/p>\n\n\n\n Example:<\/p>\n\n\n\n Enable it:<\/p>\n\n\n\n Test by visiting:<\/p>\n\n\n\n Let\u2019s Encrypt requires port 80<\/strong> open.<\/p>\n\n\n\n Now run Certbot:<\/p>\n\n\n\n Certbot will ask:<\/p>\n\n\n\n Certbot will:<\/p>\n\n\n\n Visit:<\/p>\n\n\n\n Check padlock icon in browser.<\/p>\n\n\n\n Certbot automatically installs a cron job.<\/p>\n\n\n\n Test it:<\/p>\n\n\n\n If no errors \u2192 your SSL will auto-renew forever.<\/p>\n\n\n\n Let\u2019s Encrypt puts certs here:<\/p>\n\n\n\n You\u2019ll see:<\/p>\n\n\n\n Apache config uses:<\/p>\n\n\n\n Add redirect in port 80 VirtualHost:<\/p>\n\n\n\n Reload Apache:<\/p>\n\n\n\n <\/p>\n","protected":false},"excerpt":{"rendered":" By ChatGPT as is: Below is a clear step-by-step guide to using Let\u2019s Encrypt (free SSL) with Apache2.This assumes you already have a domain pointing to your server\u2019s public IP. \u2705 Using Let\u2019s Encrypt With Apache2 (HTTPS Setup) Method: Certbot (recommended) Let\u2019s Encrypt issues FREE SSL certificates, automated and trusted by browsers. 1. Install Certbot … <\/p>\n
This assumes you already have a domain pointing to your server\u2019s public IP.<\/p>\n\n\n\n
\n\n\n\n\u2705 Using Let\u2019s Encrypt With Apache2 (HTTPS Setup)<\/strong><\/h1>\n\n\n\n
Method: Certbot (recommended)<\/strong><\/h3>\n\n\n\n
\n\n\n\n1. Install Certbot + Apache plugin<\/strong><\/h1>\n\n\n\n
sudo apt update\nsudo apt install certbot python3-certbot-apache\n<\/code><\/pre>\n\n\n\n
\n\n\n\n2. Verify Apache VirtualHost for HTTP<\/strong><\/h1>\n\n\n\n
sudo nano \/etc\/apache2\/sites-available\/yourdomain.conf\n<\/code><\/pre>\n\n\n\n<VirtualHost *:80>\n ServerName yourdomain.com\n ServerAlias www.yourdomain.com\n DocumentRoot \/var\/www\/yourdomain\n<\/VirtualHost>\n<\/code><\/pre>\n\n\n\nsudo a2ensite yourdomain.conf\nsudo systemctl reload apache2\n<\/code><\/pre>\n\n\n\nhttp://yourdomain.com\n<\/code><\/pre>\n\n\n\n
\n\n\n\n3. Allow ports (80 and 443)<\/strong><\/h1>\n\n\n\n
sudo ufw allow 80\nsudo ufw allow 443\nsudo ufw reload\n<\/code><\/pre>\n\n\n\n
\n\n\n\n4. Obtain the SSL certificate<\/strong><\/h1>\n\n\n\n
sudo certbot --apache -d yourdomain.com -d www.yourdomain.com\n<\/code><\/pre>\n\n\n\n\n
\n
\n\n\n\n5. Validate certificate installation<\/strong><\/h1>\n\n\n\n
https://yourdomain.com\n<\/code><\/pre>\n\n\n\n
\n\n\n\n6. Certificate auto-renew (built in)<\/strong><\/h1>\n\n\n\n
sudo certbot renew --dry-run\n<\/code><\/pre>\n\n\n\n
\n\n\n\n7. Where certificates are stored<\/strong><\/h1>\n\n\n\n
\/etc\/letsencrypt\/live\/yourdomain.com\/\n<\/code><\/pre>\n\n\n\n\n
SSLCertificateFile \/etc\/letsencrypt\/live\/yourdomain.com\/fullchain.pem\nSSLCertificateKeyFile \/etc\/letsencrypt\/live\/yourdomain.com\/privkey.pem\n<\/code><\/pre>\n\n\n\n
\n\n\n\n8. Optional: Force HTTPS manually (if you didn\u2019t let certbot do it)<\/strong><\/h1>\n\n\n\n
sudo nano \/etc\/apache2\/sites-available\/yourdomain.conf\n<\/code><\/pre>\n\n\n\n<VirtualHost *:80>\n ServerName yourdomain.com\n Redirect permanent \/ https:\/\/yourdomain.com\/\n<\/VirtualHost>\n<\/code><\/pre>\n\n\n\nsudo systemctl reload apache2\n<\/code><\/pre>\n\n\n\n
\n\n\n\n\u2714\ufe0f Summary<\/h1>\n\n\n\n
Step<\/th> Action<\/th><\/tr><\/thead> 1<\/td> Install certbot + apache plugin<\/td><\/tr> 2<\/td> Ensure HTTP VirtualHost works<\/td><\/tr> 3<\/td> Open required ports<\/td><\/tr> 4<\/td> Run certbot to obtain SSL<\/td><\/tr> 5<\/td> Test HTTPS<\/td><\/tr> 6<\/td> Verify auto-renew<\/td><\/tr> 7<\/td> Check certificate file paths<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
\n\n\n\n