Let’s Encrypt is a Certificate Authority (CA) that facilitates obtaining and installing free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. It simplifies the process by providing a software client, Certbot, that attempts to automate most (if not all) of the required steps. Currently, the entire process of obtaining and installing a certificate is fully automated on Apache.
Installing Certbot
sudo apt install certbot python3-certbot-apache
Allowing HTTPS Through the Firewall
sudo ufw allow 'Apache Full'
sudo ufw delete allow 'Apache'
Obtaining an SSL Certificate
sudo certbot --apache
This script will prompt you to answer a series of questions in order to configure your SSL certificate.
Verifying Certbot Auto-Renewal
sudo systemctl status certbot.timer
Test the renewal process
sudo certbot renew --dry-run