How to Install “Let’s Encrypt” SSL/TLS Certificates?


Secured sites have been on a rise because of increasing cyber attacks and preferences of search engines to rank websites. Many blogs and websites are shifting to HTTPS domain and the basic step of the procedure includes obtaining an SSL certificate.

Internet Security Research Group (ISRG) is the organization that has initiated Let’s Encrypt as a security certification authority. The SSL certificate is necessary for migrating the website to HTTPS and it is compatible with various browsers like Google Chrome, Mozilla Firefox and Microsoft Internet Explorer.

It is currently the best free security certification authority that provides certification without any hassle. There are many benefits of using Let’s Encrypt which include-

  • Free – HTTPS certification at no extra cost
  • Automatic – It has an automatic installation and configuration feature and doesn’t require Admin to face complexities.
  • Open – The process of issue of automatic updates and renewal is quite open.
  • Transparent – The resources regarding the details of the security certificate is available easily.
  • Secure – There is a dedicated team that works for making the certifications more better.
  • Cooperative – Let’s Encrypt has been trusted by thousands of website on the Internet for its safety and reliability.

How to Install Let’s Encrypt Free SSL Certificate

One must have the root access to the server of the site in which the certification is to be included. Moreover, one must have the Let’s Encrypt client application in order to generate and install the SSL Certificate. Let’s assume the site to be ‘hardisha.com

In order to install Let’s Encrypt Free SSL certificate, the following steps are to be followed:

Step 1: With rootaccess of the server, one must login to the domain ‘hardisha.com’
Step 2: One needs to use the commands given below to access the Git version of the installer-
apt-get install git
Step 3: For installation of the SSL certificate manager from GIT, the following command is used –

git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto

Step 4: When the installation begins, it asks for an agreement, Agree to it and continue
Step 5: After this step, enter the address of the domain that needs the security certificate.
Step 6: Then you need to enter your email id so that you can receive notifications regarding the installation and certificate.
Step 7: After the Terms and Service appears, go through it and press Enter to finish the process.



The installation is finally completed and the user is notified.

Let’s understand how to configure Let’s Encrypt for Ngnix and Apache servers.

Installing Let’s Encrypt SSL Certificate in Ngnix/Apache Servers

Nginx or Apache web servers do not have a direct configuration for installation of the security certificate.They need to code in files for doing so.
For example, in case of Nginx: To use the installed SSL certificate, you need to edit Nginx configuration file. The Nginx configuration file is added by

$ sudo nano /etc/nginx/sites-available/hardisha.com

Within that file, add the following lines.

http{
server{
…
listen 443 ssl;
server_name www.hardisha.com;
ssl_certificate /etc/letsencrypt/live/www.hardisha.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/.www.hardisha.com/privkey.pem;
…
}
}

The file is saved and the Nginx web server is started using the following command:

sudo nginx -s reloadgt

The SSL certificate is successfully installed on Hardisha.com

Let’s Encrypt SSL certificates are valid for 90 days. After the certificate expires, you need to follow the procedures as above again to continue the SSL certificate.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.