Install Let’s Encrypt

Install Git

apt-get install git

Install Certbot

cd /opt
git clone

Stop Apache

service apache2 stop

Generate certificate

cd /opt/certbot/
./certbot-auto certonly --standalone --rsa-key-size 4096 -d domain.xx -d www.domain.xx

Certificates and key are now installed in /etc/letsencrypt/live/domain.xx

ls -al /etc/letsencrypt/live/domain.xx
  • cert.pem
  • chain.pem
  • fullchain.pem
  • privkey.pem

Add certificate to Apache webserver

vi /etc/apache2/sites-available/domain.xx.conf
    SSLEngine on
    # SSLCertificateFile /var/www/clients/client3/web8/ssl/domain.xx.crt
    # SSLCertificateKeyFile /var/www/clients/client3/web8/ssl/domain.xx.key
    SSLCertificateFile /etc/letsencrypt/live/
    SSLCertificateKeyFile /etc/letsencrypt/live/

Redirect http to https

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Start Apache

service apache2 start

Renew certificate

/opt/certbot/certbot-auto renew

See also