SSL Certificate for free!

Sounds like a typical marketing slogan you often hear in commercial? I thought that too, until I checked it.

On the 3th of December 2015 John Aas, ISRG Executive Director, announced Let’s Encrypt project has entered Public Beta, what means that no invitations are needed, so everyone can generate SSL certificates for free.

Let’s Encrypt brings a huge opportunity for developers to make their web pages more secure. It provides certificates for free, but also has benefits like:

  • no validation emails
  • no complicated configuration
  • no expired certificates breaking your website, you can renew certificate whenever you want to
  • because it’s for free, no payments to arrange

Now let’s check if it really works. We are going to configure apache on a Ubuntu server to use SSL certificates provided by Let’s Encrypt.

1. We have apache configuration file like this: 

ServerName ...

2. Install Let’s Encrypt wrapper script:

$ git clone
$ cd letsencrypt

3. Generate certificates:

./letsencrypt-auto --apache

This will create a set of files:

$ sudo ls -l /etc/letsencrypt/live/
total 0
lrwxrwxrwx 1 root root 46 Feb  1 14:06 cert.pem -> ../../archive/
lrwxrwxrwx 1 root root 47 Feb  1 14:06 chain.pem -> ../../archive/
lrwxrwxrwx 1 root root 51 Feb  1 14:06 fullchain.pem -> ../../archive/
lrwxrwxrwx 1 root root 49 Feb  1 14:06 privkey.pem -> ../../archive/

4. Link certificate in your apache configuration files:

	Redirect permanent /

	onSSLCertificateFile /etc/letsencrypt/live/
	SSLCertificateKeyFile /etc/letsencrypt/live/
	SSLCertificateChainFile /etc/letsencrypt/live/

From now your certificate should be visible for website visitors

Let's Encrypt Certificate

Simple, isn’t it? So don’t waste your time, go and make your website more secure!

SSL Certificate for free!

Leave a Reply

Your email address will not be published. Required fields are marked *