Free SSL Certificates that Automatically Renew with CertBot and LetsEncrypt

It’s been a while since I wrote a blog post (over 5 years!) and in republishing my blog, I wanted to ensure a few best-practices were in place.  One of those is ensuring that all content is served up over HTTPS.

Thankfully, we’ve come a long way in the past 5 years when it comes to providing a simple and cost free way to serve content using HTTPS – with thanks to the CA LetsEncrypt, you can now generate free SSL certificates with ease:

  1. Step 1: Head over to the CertBot from EFF
  2. Select your OS and web server
  3. Follow the step-by-step guide to install CertBot
  4. Bam!  You’re running under HTTPS

Because Certificates from LetsEncrypt are only valid for 90 days, you need to setup a cronjob to renew the certificate.  I do this on a weekly basis as follows:

letsencrypt renew --post-hook "service apache2 reload"