Skip to content

Instantly share code, notes, and snippets.

@tjtanjin

tjtanjin/certbot_apache_guide.md

Last active January 5, 2021 05:48
Show Gist options
  • Save tjtanjin/606cb75f921dba9c3efdfa1a00c108d1 to your computer and use it in GitHub Desktop.
Save tjtanjin/606cb75f921dba9c3efdfa1a00c108d1 to your computer and use it in GitHub Desktop.
Download ZIP
A short guide to using certbot with apache2!
Raw
certbot_apache_guide.md

How to generate SSL certificate with certbot for apache2 on Ubuntu (18.04/20.04)

Introduction

This short guide will walk you through using certbot to create a SSL certificate for a website hosted on apache2 (tested on Ubuntu 18.04 and 20.04).

Prerequisites

This guide assumes knowledge of the following:

1) Provisioning a VPS
2) Familiarity with SSH
3) Familiarity with linux command line
4) Familiarity with setting up domains

Server Setup

To begin, you will need to provision a VPS from cloud providers such as digitalocean or upcloud. Other popular services like AWS and google cloud would work as well with their EC2 and compute instances but the nature of those services are such that they are slightly more complicated to work with so they will not be included in this guide.

Once you have your VPS provisioned, SSH into your server with the following command (replacing 11.11.11.11 with your server's IP address):

$ ssh root@11.11.11.11

Within your server, run the update command below:

$ apt-get update

Next, install snapd with the following command:

$ apt-get install snapd

Then, remove all other certbot installations:

$ apt-get remove certbot

Next, install certbot with the command below:

$ snap install --classic certbot

If you are running apache2 as it is, run the command and follow through with the instructions:

$ certbot --apache

If you are running apache2 as part of the XAMPP stack, a few additional steps are required. First, use your preferred editor to comment out lines with ports 80 and 443 within the file /etc/apache2/ports.conf. For this example, vim is used to edit the file:

$ vim /etc/apache2/ports.conf

Next, create an empty file which certbot will write into later on.

$ touch /opt/lampp/etc/extra/httpd-vhosts-le-ssl.conf

Then, within the file /opt/lampp/etc/httpd.conf, go under the virtual hosts section and ensure that these 2 lines are present and uncommented (add them if they are not there):

Include etc/extra/httpd-vhosts.conf
Include etc/extra/httpd-vhosts-le-ssl.conf

You will then have to modify the file /opt/lampp/etc/extra/httpd-vhosts.conf and ensure this entry is found within it (replace yourproject with your project's file name and yourdomain.here.com with your own domain):

<VirtualHost *:80>
    DocumentRoot "/opt/lampp/htdocs/yourproject"
    ServerName yourdomain.here.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =yourdomain.here.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

Please ensure that your project folder is placed exactly at the path of the DocumentRoot above. After this, restart XAMPP with the command:

$ /opt/lampp/lampp restart

Finally, execute the following command and follow through with the instructions:

sudo certbot --apache-ctl /opt/lampp/bin/apachectl

This concludes the guide for using certbot to generate a SSL certificate for apache2! Thank you for reading!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment