Mad World #Save_GAZA: Free Palestine  

Buy me a coffee

Search

How to Create Let’s Encrypt SSL Certificates on Linux

Yassine By Yassine

Mar 07, 2022 3 mins read1,011 views
  • Share this:
How to Create Let’s Encrypt SSL Certificates on Linux

Introduction

Let’s Encrypt is a free, automated, and open certificate authority (CA), run by the Internet Security Research Group (ISRG). It is a great alternative to commercial SSL providers, such as Comodo and DigiCert. Acme.sh is a shell script that makes it easy to create and manage your SSL certificates.

In this blog post, we will show you how to create Let’s Encrypt SSL certificates with acme.sh on Linux.

Warnhat you’ll need

Before you create your SSL certificates, it is important to understand the following warnings:

- The validity of an SSL certificate is limited to 90 days. However, you can renew your certificate before it expires.

- If you lose your private key, you will not be able to decrypt any data that was encrypted with the corresponding public key

How to get acme.sh ?

You can get acme.sh from the following URL:

- GitHub: https://github.com/acmesh-official/acme.sh

- Linuxbrew: https://formulae.brew.sh/formula/acme

Creating a Let’s Encrypt SSL Certificate with acme.sh

Now that you understand the warnings, let’s create our SSL certificate. We will use the “webroot” method, which is the simplest and most common method.

First, create a folder to store your SSL certificates. We will use /ssl-certs:

mkdir /ssl-certs
cd /ssl-certs

Next, download acme.sh and copy it to the /ssl-certs folder:

git clone https://github.com/acmesh-official/acme.sh.git .

After the download is complete, change to the /ssl-certs/acme.sh folder and run the following command:

./acme.sh --install

Now that acme.sh is installed, we can create our SSL certificate. We will create a certificate for the domain example.com. Replace “example.com” with your own domain name.

./acme.sh --issue -d example.com -w /var/lib/nginx/html

The “-w” parameter tells acme.sh where to find the webroot folder for your domain. In this case, we are using the Nginx web server, so the webroot folder is /var/lib/nginx/html. If you are using a different web server, please check the documentation for your web server to find the correct webroot folder.

After a few seconds, you should see the following message:

Domain example.com is ready to be used with SSL/TLS

Congratulations! You have successfully created a Let’s Encrypt SSL certificate for your domain.

Renewing a Let’s Encrypt SSL Certificate with acme.sh

Your SSL certificate will expire after 90 days. To renew your certificate, run the following command:

./acme.sh --renew -d example.com -w /var/lib/nginx/html

You should see the following message:

Certificate for domain example.com has been renewed

That’s it! You have successfully renewed your Let’s Encrypt SSL certificate.

Conclusion

In this blog post, we have shown you how to create a Let’s Encrypt SSL certificate with acme.sh on Linux. We have also shown you how to renew your SSL certificate. Acme.sh is a great tool for creating and managing your SSL certificates. Thanks for reading!

- create Let's Encrypt SSL certificates with acme.sh on Linux

- Let's Encrypt is a free, automated, and open certificate authority (CA) that issues SSL/TLS certificates

- Acme.sh is a shell script that makes it easy to create and manage your SSL certificates

- The validity of an SSL certificate is limited to 90 days

Tags:
Yassine

Yassine

Yassine founded IGProd to educate the visitors with technological tutorials. These helpful guides are available for all sorts of professionals and novices, whether they work in technology or not!

Surf freely 💗

Leave a comment

Your email address will not be published. Required fields are marked *

Related posts
You might be interested in
Your experience on this site will be improved by allowing cookies Cookie Policy