Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Install Let's Encrypt and create a free SSL certificate #OpenSSL #Markdown


Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. Let’s Encrypt is a service provided by the Internet Security Research Group (ISRG). This guide shows you how you can obtain a free SSL certificate.



Download the client code from the Github repository.

cd /usr/local/src/
sudo git clone
cd letsencrypt

Run the letsencrypt wrapper script.

sudo -h ./letsencrypt-auto

If you experience an error like this:

          InsecurePlatformWarning: A true SSLContext object is not available. 
          This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. 
          For more information, see

You have to update some pyhton libraries by running this command.

pip install pyopenssl ndg-httpsclient pyasn1

Now you can request a new ssl certificate. I assume you're running Nignx as your web server. To request a certificate we have to stop the web service temporarily.

sudo service nginx stop
sudo -H ./letsencrypt-auto certonly --email -d
sudo service nginx start

The new certificates are stored here: /etc/letsencrypt/live/

Update the Nginx configuration file for your domain.

sudo vi /etc/nginx/conf.d/

Add the new certificates:

ssl_certificate /etc/letsencrypt/live/;
ssl_certificate_key /etc/letsencrypt/live/;

Test your Nginx configuration file.

sudo nginx -t

And restart the service

sudo service nginx reload

Finally check your Nginx SSL configuration here:


Official Let's Encrypt client documentation

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment