This article will help you setup SSL secure access for own domain using Free LetsEncrypt Certificates to use it over https network which is much secure as compared to http,
Prerequisite
LAMP (Linux, Apache, MariaDB and PHP) stack up and running on your debian / ubuntu linux distribution.
Enable SSL Secure Access for own domain
You are accessing this site via HTTP. We strongly suggest you configure your server using HTTPS instead as described in our security tips.
In this post we will learn, how to enable and configure SSL Secure access for Nextcloud with LetsEncrypt Free SSL Certificates.
Open the terminal and run the following command
sudo a2enmod ssl
LetsEncrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).
They give people the digital certificates they need in order to enable HTTPS (SSL/TLS) for websites, for free, in the most user-friendly way we can.
SSL Secure access for your domain – Automatically enable HTTPS on your website with EFF’s Certbot, deploying Let’s Encrypt certificates.
Install Certbot apache2 packages
sudo apt-get update
sudo apt-get install software-properties-common
sudo apt-get install python3-certbot-apache
Configure Firewall
Open port 80 and 443 by setting a rule of firewall
sudo iptables -I INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -I INPUT -p tcp --dport 443 -j ACCEPT
Generate Certificates for SSL Secure Access
Run this command to get a certificate and have Certbot edit your Apache configuration automatically to serve it, turning on HTTPS access in a single step.
sudo certbot --apache
Or, just get a certificate
If you’re feeling more conservative and would like to make the changes to your Apache configuration by hand, run this command.
sudo certbot certonly --apache
When prompted enter the following Information:
Domain Name: mydomain.com
Email address: [email protected]
This will create the following files
SSL Secure access for your domain with Letsencrypt – Certificate Path:
/etc/letsencrypt/live/mydomain.com/fullchain.pem
SSL Secure access with Letsencrypt – Private Key Path:
/etc/letsencrypt/live/mydomain.com/privkey.pem
To obtain SSL Secure access with Letsencrypt, update the file
sudo vi /etc/apache2/sites-available/default-ssl.conf
with the following information
SSLCertificateFile /etc/letsencrypt/live/mydomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.com/privkey.pem
Then activate the virtual host
sudo a2ensite default-ssl
And restart the apache server
sudo service apache2 restart
To see the certificate information:
sudo certbot certificates
Automated renewal
SSL Secure access for your domain – Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let’s Encrypt certificates last for 90 days, it’s highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command
sudo certbot renew --dry-run
The command to renew certbot is installed in one of the following locations:
/etc/crontab/
/etc/cron./
systemctl list-timers
Confirm that Certbot worked
To confirm that your site is set up with SSL Secure access properly, visit https://yourwebsite.com/ in your browser and look for the lock icon in the URL bar. If you want to check that you have the top-of-the-line installation, you can head to https://www.ssllabs.com/ssltest/
One Reply to “SSL Secure Access for own domain using Free LetsEncrypt Certificates”
Ezeelogin Is an All-In-One SSH (Secure Shell Protocol) Gateway Network Protocol Platform for Business to Meet Compliances Such as PCI DSS, HIPPA, SOX, SOC2, FFIEC NIST, NERC, ISO 27001. We Empower Millions of Customers Around the World to Secure and Automate Their Linux Machine with Our Smart Technology, Award-Winning Support, And Inspiring Features Built for Engineers. Founded In 2012 And headquartered in Kerala India with Additional Office in Delaware USA, and Offering Services Globally Having Clients from E-Commerce, Fintech, Mobile, Advertising Company, Start-Ups, Data Canters, Hosting Providers Etc to know more visit us: https://www.ezeelogin.com