Let's Encrypt certificates it is a service that provides certificates via the Certbot client software running on your server.
Add the repository
$ sudo add-apt-repository ppa:certbot/certbot
Update Ubuntu repositories
$ sudo apt-get update
Install Certbot from repository
$ sudo apt-get install python-certbot-apache
If you have the ufw firewall enabled you have to ensure that your server allow SSL traffic.
$ sudo ufw status
Generate the SSL certificate using Certbot.
After run the below command, you should follow the step-by-step guide to customize your certificate options.
$ sudo certbot --authenticator standalone --installer apache -d example.com -d www.example.com --pre-hook "service apache2 stop" --post-hook "service apache2 start"
Note: The apache service should be stopped. Otherwise the Certbot will not be able to binding the server ports.
If everithing is fine, your web server will be able to serve SSL requests.
You can test it, acessing to https://example.com
The Certbot provides a cron in charge of renewal any certificate that's within thirty days of expiration.
You can test the renewal process run:
$ sudo certbot renew --dry-run --pre-hook "service apache2 stop" --post-hook "service apache2 start"
If you have problems to renew the certificate with previous command you can force the renewal run:
$ sudo certbot certonly --force-renew --apache --cert-name example.com -d example.com -d www.example.com
This information is extracted from the following links: