Let’s Encrypt

:: security, sysadmin

I recently converted a number of websites over to using Let’s Encrypt for SSL certificates, and the process was much easier than I expected.

I expected a steeper learning curve, so I put off doing this for a long time. However, having to re-issue and install a new SSL cert every year is irritating.

The instructions on Let’s Encrypt’s site are great, but in a nutshell, here is what I did for nginx on Ubuntu 20:

sudo snap install core
sudo snap refresh core
sudo apt-get remove certbot
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo certbot --nginx

It read my nginx configuration, and prompted me to indicate which sites I wanted to issue certificates for, and I was done. The Certbot will periodically renew all my SSL certificates now.