In this article, we will discuss “How to Setup Lets Encrypt a Free SSL Certificate”.
What is SSL and Why we need it?
SSL is known as Secure Sockets Layer. It is mostly deployed security protocol and these protocols provide a secure channel between two machines operating over the internet. The search engines also recommend using SSL on every website. Also, SSL increases the trust level between the website and its users. The SSL protocol is typically used when a web browser needs to securely connect to a web server over the inherently insecure Internet.
HTTP stands for HyperText Transfer Protocol. HTTPS stands for HyperText Transfer Protocol Secure.
As you can see HTTP and HTTPS in the address bar in front of the domain with a padlock. HTTP uses TCP (Transmission Control Protocol) over port 80. HTTPS uses TCP over port 443, within an encrypted connection by TLS (Transport Layer Security). TLS manage security to hide sensitive data and make sure that nobody’s able to read and edit the data through encryption and decryption.
HTTPS originally used SSL (Secure Sockets Layer), it establishes encrypted links for communication between a web server and a browser (a public key and a private key) but has evolved to TLS. SSL Certificate is a digital certificate that authenticates the identity of the website. HTTPS is known to be more secure than HTTP. We will discuss more on the security layers and protocols in our future articles.
Why Let’s Encrypt?
Let’s Encrypt is a non-profit certificate provider, it’s known as Internet Security Research Group (ISRG). It provides X.509 certificates for Transport Layer Security encryption at zero cost. But, Let’s Encrypt certificates are valid for 90 days only.
Today, 99.9% of hosting providers selling the SSL certificates. So some of the providers do not support Let’s Encrypt directly. It means you can’t use Let’s Encrypt directly from the cPanel or from your hosting panel. But, you can create your SSL certificate from your system and upload it on your server. In this tutorial, you will learn How to Setup Lets Encrypt a Free SSL Certificate.
I’m a Windows user and using Windows 10, But, after doing small research I found the easiest way to create SSL from the Linux Operating System. Because I’m familiar with the Linux OS so I’m using Linux to create SSL.
If you are a dedicated Linux user then it is a plus point for you. If not, then you can go with WSL (Windows Subsystem Linux), It’s easy to set up in the windows 10.
Run the following commands in your Linux Terminal (WSL).
You may need to prefix each command with sudo.
Add Certbot Repository
Update package list
apt-get install certbot
Now, the installation is done. Need to create a certificate.
Create SSL Certificate
// Primary Domain certbot -d mydomain.com --manual --preferred-challenges http certonly // If you want to create SSL for primary and all of subdomains then you can use the following command. certbot -d "mydomain.com" -d "*.mydomain.com" --manual --preferred-challenges dns certonly
Above mention, certbot creates an SSL certificate Private, Public and other keys. Which we need to upload to the server manually.
-d – Your Domain
–manual – Provides manual instructions for obtaining a certificate
–preferred-challenges – Challenge Type, avaliable types DNS, http
In this tutorial, I’m using HTTP challenge type. Because it is easy to add in the server using cPanel or FTP instead of DNS.
After executing this command, you can see the terminal showing a question which asked:
“Are you ok with your IP being logged?”
“Type Y and Enter to continue”
Preferred Challenge “http”
As per the certbot command, we use http preferred challenge. It’s easy to process on the terminal, you get the file name and its content. You just need to create a file on the suggested path. After that, you can check the newly created file on the web browser.
After completing this process press Enter key. Your new SSL certificate is ready for deploy.
Preferred Challenge “DNS”
If, we use DNS preferred challenge. Then It’s required to add DNS record on the hosting server as per given values in the terminal screen.
Renew SSL Certificate
As we know Let’s Encrypt provided SSL certificates are valid only for the 90 days. So we need to renew timely. You have to run the same command that will offer you to renew.
In this article, I’m trying to explain to you “How to Setup Lets Encrypt a Free SSL Certificate”. It’s a simple process, you can do this from your Windows 10 (WSL) or Linux. Please feel free to add the comment, if any query. You can also submit your feedback 😉