Use Certbot to Issue a Digital Certificate for Your Site

Published: 2024-01-29 | Updated: 2024-05-16

This post is relevant to use of Apache proxy server. If you’re using nginx as your reverse-proxy check this post.

It’s a pretty simple one-liner. All you need to do is tell certbot which domain(s) you need certificates for. Certbot takes care of the rest.

Here we’ll ask for certificates for both the main domain, myDomain.me, and the www sub-domain:

certbot --apache -d myDomain.me -d www.myDomain.me

Wait and watch as the magic happens. After a few moments this is the expected output you will see:

Congratulations! You have successfully enabled https://myDomain.me and https://www.myDomain.me

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=myDomain.me
https://www.ssllabs.com/ssltest/analyze.html?d=www.myDomain.me
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/myDomain.me/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/myDomain.me/privkey.pem

   Your cert will expire on 2023-11-14. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew"

 - If you like Certbot, please consider supporting our work by:
   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le