Set up letsencrypt on linux

Its actually pretty easy:

Installing is helped with by

Make sure the webserver is running, then point certbot to the web root and add all the domains you want to get covered:

certbot certonly --webroot -w /var/www/ -d -d

For auto-renewal, at the following as a file into /etc/cron.daily/:

certbot renew --post-hook "service apache2 restart"
# certbot renew --post-hook "service nginx restart"

Add the new certs to the web server config.

# Apache:
SSLCertificateFile /etc/letsencrypt/live/  
SSLCertificateKeyFile /etc/letsencrypt/live/

# nginx:
ssl_certificate /etc/letsencrypt/live/;
ssl_certificate_key /etc/letsencrypt/live/;

Dont forget to restart the web servers.

Web Server Setup

Depending on the setup exlusions for the letsencrypt verification url have to be added.


add RewriteCond %{REQUEST_URI} !\.well-known/acme-challenge before every applicable RewriteRule in your virtual host or .htaccess config.