-
Download the "Let's Encrypt" client:
$ sudo apt-get install python-letsencrypt-apache -
Get a new SSL certificate by running
$ sudo letsencrypt --apache -d example.com -d www.example.comwhere you replace
example.comwith your domain name and optionally add even more subdomains after-doptions. -
Check if your site is available via HTTPS now and perhaps also check your configuration using an online tool
-
Set up a cron job in the
rootuser's crontab to attempt automatic renewal of the certificate twice a day (at random times), e.g.:14 1,11 * * * export PATH=/usr/sbin:/usr/bin:/sbin:/bin && letsencrypt renew > /path/to/log-file.log 2>&1