Home >Operation and Maintenance >Linux Operation and Maintenance >How to protect Apache with Let's Encrypt on Ubuntu 18.04 and 16.04 LTS

How to protect Apache with Let's Encrypt on Ubuntu 18.04 and 16.04 LTS

不言
不言Original
2019-04-02 14:34:264010browse

Let’s Encrypt is a Certificate Authority (CA) that provides free SSL/TLS certificates for enhanced security. CA signed SSL certificates can be generated for any domain, subdomain at no cost and can be used on the server. It also provides an option to automatically renew the SSL certificate for long-term use.

How to protect Apache with Let's Encrypt on Ubuntu 18.04 and 16.04 LTS

Step 1: First Prerequisites

Before you begin this task, assume that you have :

Use sudo privilege shell access to run the Ubuntu system. The domain name is registered and points to the server's public IP address. In this article, we use example.com and www.example.com, which point to our server. Run an Apache2 server, configure VirtualHost for example.com, and configure www.example.com for port 80.

Step 2: Install let's encrypt client

You can download the certbot auto-let's encrypt client and save it in the /usr/sbin directory. Use the following command to do this.

$ sudo wget https://dl.eff.org/certbot-auto -O /usr/sbin/certbot-auto
$ sudo chmod a+x /usr/sbin/certbot-auto

Step 3: Issuing SSL from Let's Encrypt

let's encrypt automatically performs domain verification (DV) across multiple challenges. Once the Certificate Authority (CA) has verified the authenticity of your domain, an SSL certificate will be issued.

No need to create virtualhost for ssl/https, use let's encrypt to create it. =Only need to create virtual host for port 80.

$ sudo certbot-auto --apache -d example.com  -d www.example.com

The above command will prompt for an email address that will be used to send email alerts related to SSL renewal and expiration. Also, ask a few questions. Once completed, it will issue an SSL certificate and create a new virtual host profile on your system.

Step 4: Configure SSL automatic renewal

Finally, configure the following job on the server crontab to automatically renew the SSL certificate when needed.

0 2 * * * sudo certbot-auto -q renew

This article has ended here. For more other exciting content, you can pay attention to the Linux Video Tutorial column on the PHP Chinese website! ! !

The above is the detailed content of How to protect Apache with Let's Encrypt on Ubuntu 18.04 and 16.04 LTS. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn