How to configure SSL on Apache using Lets Encrypt on Debian 8

If you want to secure your Apache web server, first thing to consider is to install and enable TLS/SSL on your web server. So, you can access your website using https://yourdomain.com. And there is a free service called Lets Encrypt that provide a free trusted SSL certificate for our system. This tutorial is going to show you how to configure Lets Encrypt on Debian 8.

Steps to install Lets Encrypt on Debian 8

Step 1. Install Certbot, the Lets Encrypt Client

Use the following command to add the repository to Debian 8

echo 'deb http://ftp.debian.org/debian jessie-backports main' | sudo tee /etc/apt/sources.list.d/backports.list

Now Update Debian

apt update

Finally, install certbot

root@debian-512mb-sgp1-01:~# apt-get install python-certbot-apache -t jessie-backports
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages were automatically installed and are no longer required:
  python-cffi python-ply python-pycparser
Use 'apt-get autoremove' to remove them.
The following extra packages will be installed:
  augeas-lenses certbot libaugeas0 libpython2.7 python-acme python-augeas python-certbot python-cffi python-cffi-backend python-configargparse
  python-cryptography python-dnspython python-enum34 python-funcsigs python-idna python-ipaddress python-mock python-openssl
  python-parsedatetime python-pbr python-pkg-resources python-psutil python-pyasn1 python-pyicu python-rfc3339 python-setuptools python-six
  python-tz python-zope.component python-zope.event python-zope.interface
Suggested packages:
  augeas-doc python-certbot-doc augeas-tools python-acme-doc python-certbot-apache-doc python-dev python-cryptography-doc
  python-cryptography-vectors python-enum34-doc python-funcsigs-doc python-mock-doc python-openssl-doc python-openssl-dbg python-psutil-doc
  doc-base python-setuptools-doc
The following NEW packages will be installed:
  augeas-lenses certbot libaugeas0 libpython2.7 python-acme python-augeas python-certbot python-certbot-apache python-cffi-backend
  python-configargparse python-dnspython python-enum34 python-funcsigs python-idna python-ipaddress python-mock python-parsedatetime
  python-pbr python-psutil python-pyicu python-rfc3339 python-tz python-zope.component python-zope.event python-zope.interface
The following packages will be upgraded:
  python-cffi python-cryptography python-openssl python-pkg-resources python-pyasn1 python-setuptools python-six
7 upgraded, 25 newly installed, 0 to remove and 66 not upgraded.
Need to get 3,797 kB of archives.
After this operation, 13.3 MB of additional disk space will be used.
Do you want to continue? [Y/n]

Step 2. Setup SSL Certificate

Now we are ready to create a new SSL Certificate for our websites. It will read from the virtual hosts file the list of website in our server.

root@debian-512mb-sgp1-01:~# certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Which names would you like to activate HTTPS for?
-------------------------------------------------------------------------------
1: theplanetfootball.com
2: www.theplanetfootball.com
-------------------------------------------------------------------------------
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):

Follow on screen wizard until it completed. Once completed and no error shown, we can test it. Open web browser and type the following address

https://www.ssllabs.com/ssltest/analyze.html?d=theplanetfootball.com&latest

It will take some times until completed. Once finished, you should see something like this. (Don’t forget to change the domain with yours)

Be the first to comment

Leave a Reply

Your email address will not be published.


*