User Tools

Site Tools


This is an old revision of the document!

Lets Encrypt SSL


Set up the following directory structure (look at the others there as an example):

$ sudo tree -a /var/www/well-known
    \-- .well-known -> .

For your regular HTTP site (non-SSL) add the following to your <VirtualHost/> block:

Include /etc/apache2/conf-available/well-known.conf

Now reload Apache for your configuration to take effect.

Finally run:

sudo certbot certonly --webroot -w /var/www/well-known/ -d -d

N.B. you can append many more sub-domains on there if you want to use use multiple domains in the same certificate, though you might have to play with mod_rewrite in /etc/apache2/conf-available/well-known.conf to line things up.

Now go back to your Apache configuration section and add a new <VirtualHost/> block for your domain but create your HTTPS section and insert the following lines into it:

SSLCertificateFile /etc/letsencrypt/live/
SSLCertificateKeyFile /etc/letsencrypt/live/
SSLCertificateChainFile /etc/letsencrypt/live/
Include /etc/letsencrypt/options-ssl-apache.conf

Finally, do one last reload and you should have a secure site.

ssl.1465489887.txt.gz · Last modified: 2016/06/09 17:31 by alex