Letsencrypt is a service to get free short-lived SSL certificates. There is a library from the same guys that created that service called cert-bot. Instructions on how to use it can be found on the official documentation.
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto ./certbot-auto
For demonstration purposes, we will use
There are 2 methods: standalone and by webroot. Depending on what you use, the command will change:
./certbot-auto certonly --standalone -d swapps.com
./certbot-auto certonly --webroot --webroot-path /var/www/html/ -d swapps.com
Cool, we got a new certificate for the domain. The next questions are: Where is it located? How do I install it?
If everything was successful, your certificate files will be located at:
/etc/letsencrypt/live/swapps.com
And you will find the following files:
cert.pem: The actual certificate.
chain.pem: Certificate from certificate authority.
fullchain.pem: cert.pem + chain.pem
privkey.pem: The private key used to sign the certificate
In the section to add the certificates of your Apache vhost, you will need to add something like this:
SSLEngine on SSLCertificateFile /etc/letsencrypt/live/swapps.com/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/swapps.com/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/swapps.com/chain.pem
In the section to add the certificates of your Nginx vhost, you will need to add something like this:
ssl on; ssl_certificate /etc/letsencrypt/live/swapps.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/swapps.com/privkey.pem;
After you have edited the corresponding files, you will need to restart the web server so the changes take effect. When you are done, you can go to the website using https and you will see your new certificate working and powered by Let’s Encrypt.