Getting a FREE SSL Certificate and Installing Let’s Encrypt on Ubuntu 16.04

Usually when you need to obtain an SSL Certificate, you may have found yourself going to one of the major certificate authorities. Of which some of those include Symantec, Digicert, Network Solutions, or Go Daddy. All of these are trusted providers for SSL Certificates. Browsers tend to trust these authorities over a self-signed certificate because there is some sort of validation process happening to ensure everything is on the up-and-up when it comes to SSL Encryption. Most SSL Certificate Authorities will even provide you with some sort of insurance if something goes wrong and the SSL Encryption is broken. For that reason, you may end up paying upwar
ds of $100 – $500 per year for the SSL Certificate.

To obtain a free SSL Certificate, you also have the option to self sign your own SSL Certificate. By self signing your own SSL Certificate, you may notice that browsers react badly to your SSL Cert as compared to one you may purchase from a Certificate Authority. Some browsers may even block users from getting to your site because the browser doesn’t recognize your SSL Cert as coming from a trusted provider.

A third option is to find an SSL Certificate Authority who offers SSL Certificates as a free service. Enter Let’s Encrypt! Let’s Encrypt is known as an open certificate authority. A certificate generated by the Let’s Encrypt software is only good for about 60 days, in which you will have to renew it. One of the great things about Let’s Encrypt is that they provide you with an automated way of creating and renewing your certificates. And it all runs in the background!!

Installing Let’s Encrypt on Ubuntu 16.04

    1. Add the repository
      sudo add-apt-repository ppa:certbot/certbot
    2. Get the updated references to the repository you just added
      sudo apt-get update
    3. Install Certbot
      sudo apt-get install python-certbot-apache

Setting up Let’s Encrypt

Certbot makes it really easy to generate certificates for which ever domains you are hosting on your Ubuntu 16.04 web server. If you using the same certificate for multiple domains, you will need to indicated that in the following command:

sudo certbot --apache -d example.com -d www.example.com

That it! You’ve created your certificate and your server should be all setup to use the domain you created. At this point, you will want to run two more checks.

  1. Ensure that your SSL Certificate is properly setup
    https://www.ssllabs.com/ssltest/analyze.html?d=example.com&latest
  2. Verify that the renewal process will not have any issues generating the new certificate.
    sudo certbot renew --dry-run

Author: Joshua Johnson

My name is Joshua Johnson and I am the founder of UA1 Labs. I am passionate about helping other developers to become successful in their paths. When I started developing software, I didn't have many resources to help me out. UA1 Labs is my way of giving back to all those who helped me.

Leave a Reply

Your email address will not be published. Required fields are marked *