• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Mister PKI

SSL Certificates * SSL Tools * Certificate Decoder

  • Buy SSL Certificates
  • Blog
  • OpenSSL
  • Keytool
  • SSL Tools
  • Donate

certbot apache ubuntu

February 24, 2022 by Mister PKI Leave a Comment

This article will demonstrate how to automate the renewal of SSL certificates, specifically letsencrypt certificates, using the certbot utility with apache on an ubuntu OS. The examples in this article will work on Ubuntu 18.04 and greater. They may also work on previous version of Ubuntu but if not, the general concepts should remain.

See another one of our posts for general documentation on configuring SSL certificates in Apache.

Install and run certbot on Ubuntu

  1. SSH into the server where you are setting up letsencrypt for SSL certificate automation.
  2. While your OS may support installing certbot with its own package manager, the official documentation recommends using snapd to manage certbot. If you do not already have snapd, you can follow their official documentation here: https://snapcraft.io/docs/installing-snapd
  3. If you already have snapd installed, ensure it is up to date by running the following command:
sudo snap install core; sudo snap refresh core
  1. Remove any and all certbot packages that may have been previously installed by your package manager. For ubuntu, this would be with the apt package manager. This will ensure that the certbot package installed by snapd will be ran, and not an older version installed by your package manager. For Ubuntu, the command is:
sudo apt-get remove certbot
  1. Install certbot with snapd
sudo snap install --classic certbot
  1. Create a symbolic link to ensure certbot can be ran
sudo ln -s /snap/bin/certbot /usr/bin/certbot
  1. Get and install your certificate. Note that this command will update your Apache SSL configuration files and reload the config with the new certificate. If you do not wish to update the configuration and only renew the certificate, add the certonly option to the command as shown in the second example.
sudo certbot --apache
sudo certbot certonly --apache
  1. Test that the certificate renewal will work by using the --dry-run option with certbot. If you encounter any errors they must first be fixed before the renewal will work. The letsencrypt certificates have a 90 day validity period and are renewed every 60 days, giving you 30 days to address any issues with the renewal.
sudo certbot renew --dry-run

The renewal will be scheduled in one of the following locations:

  • /etc/crontab/
  • /etc/cron.*/*
  • systemctl list-timers
  1. Confirm that the letsencrypt certificate was successfully installed in Apache by visiting your website in your browser, or by using the openssl s_client if you have OpenSSL installed.

Conclusion

This article has demonstrated how to install certbot on Ubuntu, install letsencrypt certificates in Apache, and automate the renewal of the letsencrypt certificates. Please leave us a comment if you have any questions or need help troubleshooting your letsencrypt renewal in an apache web server.

letsencrypt,  linux,  SSL Certificates

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Posts

PKCS12

openssl s_client

Keytool

Keytool list

ECDSA vs RSA

OpenSSL

PKCS7

Certificate Decoder

Training Courses

Top online courses in IT & Software

Cyber Security Training

Udemy - The Complete Internet Security Privacy Course icon

Buy SSL Certificates

The SSL Store

Comodo Store

Sectigo Store

RapidSSL

Recent Posts

  • pfx password
  • pkcs12
  • Sendmail vs Postfix – Mail Transfer Agent Comparison
  • Python mock datetime now
  • Python get SSL Certificate

Footer

  • Twitter
  • YouTube

Pages

  • About Mister PKI
  • Blog
  • Compare and Buy Affordable PKI Certificates
  • Contact Us
  • Full Disclosure
  • Privacy Policy
  • SSL Tools – Certificate Decoder and Certificate Checker

Copyright © 2022