This mini guide assumes you know how to set up a basic non-https domain in Debian or Ubuntu with Apache, once that's done you can follow on here how you extend it to a free certificate from Let's Encrypt.
Install the tool
First install the Let's Encrypt tool, this tool does almost all the work for you. You can install it with this one line command:
cd /usr/local/sbin && sudo wget https://dl.eff.org/certbot-auto
Make all domains auto update
The command for renewing your certificates is
certbot-auto renew but instead of doing this manually every month we can set up a cron task to do it.
Open the cron editor
sudo crontab -e
And add this line, which will auto renew all your certificates from Let's Encrypt
30 2 * * 1 /usr/local/sbin/certbot-auto renew >> /var/log/le-renew.log
All you have to do now in order to install a certificate is to run this command. You can add as many
-d arguments as you want if you want to assign that certificate to more domains and subdomains.
sudo certbot-auto --apache -d example.com -d www.example.com
Certbot will ask you if you allow both http and https, it will say the first is easier, in my opinion both are equally easy and requires no more to be done from here.
Also featured on My blog at blog.emilmoe.com