Let’s Encrypt Setup

 Ubuntu 16.04 (xenial)

Ubuntu 16.04 (xenial) : Install Certbot package. Available standard repository.

$ sudo apt install letsencrypt python-letsencrypt-apache
install certbot-auto command.
# wget https://dl.eff.org/certbot-auto
# chmod a+x certbot-auto
# mv certbot-auto /sbin

3rd command path is your choice . ~/sbin to /usr/local/bin and so on.

Before execution ‘certbot-auto’, rewrite apache module must be available.

# a2enmod rewrite

 

1st time recommended command is

# certbot-auto run --apache --dialog

This command is able to find non ssl web setting and auto update certificate and chain by reading /etc/apache2/sites-available directory. And also is fixes virtual host configuration files. And then restarting apache.

# systemctl restart apache2.service

 

 

Renewal certification file, certbot-auto command.
# certbot-auto renew --post-hook "systemctl restart apache2.service"

also available cron daemon setting.

example file, letsencrypt  can be put on /etc/cron.monthly/ ,

#!/bin/sh

# update (renew) cert.
/root/bin/certbot-auto renew --post-hook "systemctl restart apache2.service"

/root/bin/ is certbot-auto install directly. If you changed, you must fix it.

 

Japanese “Let’s Encrypt” site is https://letsencrypt.jp/.