Obtaining a certificate with Let’s Encrypt
|# a2enmod ssl|
|# apt-get install -y git|
③Install the certificate acquisition tool
|# cd /usr/local/|
# git clone https://github.com/certbot/certbot
Certbot” is now installed under /usr/local/certbot.
④Install the certificate
|# certbot certonly –webroot -w /var/www/html/<document root> -d <Domain Name>|
# Specify an email address that can be received.
Enter email address (used for urgent notices and lost key recovery)
< OK > <Cancel>
Please read the Terms of Service at
You must agree in order to register with the ACME server at
<Agree > <Cancel>
– Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/<Domain Name>/fullchain.pem. Your cert will
expire on 2018-07-27. To obtain a new version of the certificate in
the future, simply run Let’s Encrypt again.
– If you like Let’s Encrypt, please consider supporting our work by:
Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/don
# If it says Congratulations, you’ve succeeded.
# The certificate is obtained under [/etc/letsencrypt/live/ <domain name>/] as described in the message.
# cert.pem ⇒ SSL Server Certificate(Public key included)
# chain.pem ⇒ intermediate certificate
# fullchain.pem ⇒ A file containing the concatenation of cert.pem and chain.pem
# privkey.pem ⇒ Private key to public key