It's time to ditch Medium for good! 🌈⚡️

Introducing Devblog by Hashnode. Blog on your domain for FREE. Highly customizable and optimized for developers.

Learn more

Let's Encrypt on Debian/Ubuntu and Apache


This mini guide assumes you know how to set up a basic non-https domain in Debian or Ubuntu with Apache, once that's done you can follow on here how you extend it to a free certificate from Let's Encrypt.

Install the tool

First install the Let's Encrypt tool, this tool does almost all the work for you. You can install it with this one line command:

cd /usr/local/sbin && sudo wget

Make all domains auto update

The command for renewing your certificates is certbot-auto renew but instead of doing this manually every month we can set up a cron task to do it.

Open the cron editor

sudo crontab -e

And add this line, which will auto renew all your certificates from Let's Encrypt

30 2 * * 1 /usr/local/sbin/certbot-auto renew >> /var/log/le-renew.log

Install certificates

All you have to do now in order to install a certificate is to run this command. You can add as many -d arguments as you want if you want to assign that certificate to more domains and subdomains.

sudo certbot-auto --apache -d -d

Certbot will ask you if you allow both http and https, it will say the first is easier, in my opinion both are equally easy and requires no more to be done from here.

Also featured on My blog at

Emil Moe's photo

Emil Moe

All over the world

Write your comment…

That's some neat trick @emilmoe . Lately hearing some good things about Lets encrypt but still I'm too skeptical to go with it. Maybe I will start using it for my pet projects and later on use it in production apps. But, what do you think about it?

Show all replies

That's nice to hear @emilmoe ! I will try to use it and see how it pans out!

Reply to this…

Share your programming knowledge and learn from the best developers on Hashnode

Get started

Thanks @emilmoe

I will be using Let's encrypt soon. This article ll be helpful. :)

Show all replies

Thanks @emilmoe :)

Reply to this…