Hosting + Ai Website Builder + Free Domain (3 Month Free Credit)
Shop Today
YouStable blog banner

How to Use Let’s Encrypt for Free SSL on Linux

Himanshu Joshi 3 min read

Use Let’s Encrypt on Linux server to easily obtain free, automated, and trusted SSL/TLS certificates that secure your website or web applications with HTTPS encryption. Let’s Encrypt is a widely trusted Certificate Authority that provides certificates to encrypt communication, improve security, and boost visitor trust. Using Let’s Encrypt with tools like Certbot simplifies the process of installing, renewing, and managing certificates on your Linux server.

Use Let's Encrypt

This guide will walk you through how to use Let’s Encrypt on Linux server—from installing Certbot, obtaining certificates, to enabling and renewing HTTPS on popular web servers such as Apache or Nginx.

Prerequisites

  • A Linux server running distributions such as Ubuntu, Debian, CentOS, or Red Hat
  • Root or sudo access to install and configure software
  • A registered domain name pointing to your server’s public IP address (DNS A record)
  • Web server software is installed and running, such as Apache or Nginx
  • Ports 80 (HTTP) and 443 (HTTPS) are open and reachable for certificate validation

Use Let’s Encrypt on Linux Server

Let’s Encrypt is a free, automated Certificate Authority (CA) that helps secure your Linux server with HTTPS. Using tools like Certbot, you can easily request, install, and auto-renew trusted SSL/TLS certificates—boosting both security and credibility without incurring any costs or hassle.

Step 1: Install Certbot on the Linux Server

Certbot is the official Let’s Encrypt client that automates the issuance and renewal of certificates.

  • On Ubuntu/Debian:
sudo apt update
sudo apt install certbot python3-certbot-apache     # for Apache

Or for Nginx:

sudo apt install certbot python3-certbot-nginx
  • On CentOS/RHEL 8 or later:

Enable EPEL and install Certbot:

sudo dnf install epel-release
sudo dnf install certbot python3-certbot-apache    # Apache

Or for Nginx:

sudo dnf install certbot python3-certbot-nginx

Step 2: Obtain and Install SSL Certificate

After installing Certbot, the next step is to fetch and configure your SSL certificate. Certbot automates most of the process, making it simple even for beginners. The tool handles certificate requests, server configuration, and HTTPS redirection with minimal input.

  • For Apache:

Run Certbot with the Apache plugin to automatically configure SSL:

sudo certbot --apache

You will be prompted to:

  • Enter your email address for urgent renewal notices
  • Agree to the Let’s Encrypt terms of service
  • Select the domain(s) to enable HTTPS for (Certbot finds configured VirtualHosts)
  • Choose whether to redirect HTTP to HTTPS automatically

Certbot will then obtain a certificate, install it, and reload Apache.

  • For Nginx:

Run Certbot with the Nginx plugin:

sudo certbot --nginx

Follow similar prompts as above. Certbot will modify your Nginx configuration to enable HTTPS and reload the server.

Step 3: Verify Certificate Installation

After installation, verify your website uses HTTPS by navigating to:

https://your_domain

You should see a secure lock icon in the browser address bar indicating a valid certificate.

You can also check the status with:

sudo certbot certificates

This lists the installed certificates with expiration dates.

Automate Certificate Renewal

Let’s Encrypt certificates are valid for 90 days. Certbot sets up automatic renewal using system timers or cron jobs.

To test the renewal process manually:

sudo certbot renew --dry-run

Ensure the renewal command works without errors.

Manual Renewal (If Needed)

If automatic renewal is not set up, renew certificates manually by running:

sudo certbot renew

And reload your web server after renewal:

sudo systemctl reload apache2    # For Apache
sudo systemctl reload nginx      # For Nginx

Troubleshooting Tips

If your Let’s Encrypt SSL installation fails or behaves unexpectedly, use these tips to identify and fix common issues quickly. Most problems stem from DNS misconfigurations, blocked ports, or incomplete server setups.

  • Make sure the domain DNS records point to your server’s IP before requesting certificates.
  • Ensure ports 80 and 443 are open in the firewall.
  • If you run multiple sites, specify domains explicitly:
sudo certbot --apache -d example.com -d www.example.com
  • Check Certbot logs at /var/log/letsencrypt for errors.

Conclusion

To use Let’s Encrypt on a Linux server, install the Certbot client, obtain SSL/TLS certificates for your domains, and configure your web server (Apache or Nginx) to enable HTTPS seamlessly. Certbot automates issuance and renewal, making it easy to maintain secure, encrypted connections with free certificates trusted by browsers worldwide. Regularly verifying renewal ensures your certificates remain valid and your website stays secure.

For more detailed guides and advanced configurations, refer to the official Let’s Encrypt documentation.

Himanshu Joshi

Leave a Comment

Your email address will not be published. Required fields are marked *

Related Articles

Scroll to Top