Enabling SSL in 20 seconds with Certbot and Let's Encrypt

16 June 2019

It’s been ages since I’ve setup a server, yesterday I did it and was pleasantly surprised of how quick and easy it is to set up a SSL enabled website these days.

I had heard for sure about Let’s Encrypt, but I imagined it would be at least somewhat complex. But I hadn’t heard about Certbot which was an important part of the amazing experience.

So, in my concrete case (Ubuntu 19.04 with nginx already installed, port 443 open in the firewall and domain configured in Digital Ocean’s DNS service):

  • sudo add-apt-repository ppa:certbot/certbot
  • sudo apt install python-certbot-nginx
  • sudo certbot
    • Type your email address to emit the certificate(s)
    • Type in the domains you want the certificates for
  • sudo systemctl restart nginx

All the steps taken by the tool are stored in /var/log/letsencrypt/letsencrypt.log, you can look at this file to understand how Let’s Encrypt API works.

Finally, all relevant data is stored under /etc/letsencrypt. You should backup this folder to avoid losing the certificate information.