I recently converted a number of websites over to using Let’s Encrypt for SSL certificates, and the process was much easier than I expected.
I expected a steeper learning curve, so I put off doing this for a long time. However, having to re-issue and install a new SSL cert every year is irritating.
The instructions on Let’s Encrypt’s site are great, but in a nutshell, here is what I did for nginx on Ubuntu 20:
sudo snap install core sudo snap refresh core sudo apt-get remove certbot sudo snap install --classic certbot sudo ln -s /snap/bin/certbot /usr/bin/certbot sudo certbot --nginx
It read my nginx configuration, and prompted me to indicate which sites I wanted to issue certificates for, and I was done. The Certbot will periodically renew all my SSL certificates now.