how to add let's encrypt ssl certificate in vps

Daniel Parker

3 min read

·

05-02-2025

1

0

Share

Getting a secure HTTPS connection for your website is crucial for user trust and SEO. Let's Encrypt offers free, automated SSL certificates, making securing your VPS a straightforward process. This guide walks you through adding a Let's Encrypt SSL certificate to your VPS, regardless of your chosen operating system or web server. We'll cover the most common methods.

Choosing Your Method: Certbot

The most popular and recommended way to obtain and install Let's Encrypt certificates is using Certbot. Certbot automates the entire process, simplifying what can be a complex task. It offers various plugins depending on your web server setup. We'll focus on the most common ones:

1. Using Certbot with Apache

If you're using Apache as your web server, Certbot's Apache plugin is the easiest option.

Prerequisites:

• Apache installed and running: Ensure your web server is up and running.
• Certbot installed: Use your distribution's package manager (e.g., apt-get install certbot on Debian/Ubuntu, yum install certbot on CentOS/RHEL).

Steps:

1. Obtain and install the certificate: Run the following command:

   sudo certbot --apache -d your_domain.com -d www.your_domain.com
   

   Replace your_domain.com with your actual domain name. Including www.your_domain.com ensures both versions are covered.

2. Verify the installation: Certbot will automatically configure Apache to use the new certificate. Check your website using a browser; you should see a padlock icon indicating a secure connection. Tools like Qualys SSL Labs can provide a detailed security report.

3. Automatic Renewal: Certbot can automatically renew your certificates before they expire. Set up a cron job (or equivalent) to run the renewal command:

   sudo certbot renew --dry-run # Test the renewal process
   sudo certbot renew # Actual renewal (schedule this with cron)
   

2. Using Certbot with Nginx

For Nginx users, the process is slightly different.

Prerequisites:

• Nginx installed and running: Your web server must be functional.
• Certbot installed: Install Certbot as described in the Apache section.

Steps:

1. Obtain and install the certificate: Use the Nginx plugin:

   sudo certbot --nginx -d your_domain.com -d www.your_domain.com
   

2. Verify the installation: Like with Apache, Certbot will configure Nginx. Check your website's security.

3. Automatic Renewal: Similar to Apache, schedule a cron job to run the sudo certbot renew command.

3. Using Certbot with a Standalone Web Server (Manual Method)

This method is useful if you have a less common web server or prefer more control.

Prerequisites:

• Certbot installed: Install Certbot as previously described.

Steps:

1. Obtain the certificate: This uses a temporary HTTP server:

   sudo certbot certonly --standalone -d your_domain.com -d www.your_domain.com
   

2. Manually configure your webserver: After obtaining the certificate, you'll need to manually copy the certificate files (fullchain.pem and privkey.pem) to your webserver's configuration directory and adjust your server block to use the new SSL certificate. The exact location and configuration will depend on your specific webserver.

3. Renewal: You'll also need to manually renew the certificate using sudo certbot renew and reconfigure your webserver.

Troubleshooting

• Port Conflicts: If you encounter port conflicts, you might need to adjust firewall rules or temporarily stop other services using ports 80 and 443.
• Domain Verification: Certbot needs to verify it has control over your domain. Ensure your DNS records are correctly configured and your domain is pointing to your VPS. If using a different DNS provider than your webhost, check propagation times.
• Error Messages: Carefully read any error messages provided by Certbot. They usually pinpoint the problem.

Conclusion

Adding a Let's Encrypt SSL certificate to your VPS is a crucial step in securing your website. Certbot simplifies this process, regardless of your web server choice. Remember to set up automatic renewals to maintain your website's security continuously. By following these steps, you can easily and securely protect your website and user data. Always refer to the official Certbot documentation for the most up-to-date instructions.