{"id":12522,"date":"2025-12-20T11:23:04","date_gmt":"2025-12-20T05:53:04","guid":{"rendered":"https:\/\/www.youstable.com\/blog\/?p=12522"},"modified":"2025-12-20T11:23:06","modified_gmt":"2025-12-20T05:53:06","slug":"install-lets-encrypt-ssl-on-linux","status":"publish","type":"post","link":"https:\/\/www.youstable.com\/blog\/install-lets-encrypt-ssl-on-linux","title":{"rendered":"How to Install Let&#8217;s Encrypt on Linux Server: Expert Guide 2026"},"content":{"rendered":"\n<p><strong>To install Let\u2019s Encrypt on a Linux server<\/strong>, install Certbot (the ACME client), ensure ports 80 and 443 are open, run Certbot with your web server plugin (Apache or Nginx) to obtain and install the certificate, enable automatic renewal, and verify HTTPS. Most setups complete in 5\u201310 minutes with zero downtime.<\/p>\n\n\n\n<p>In this guide, you\u2019ll learn exactly how to install Let\u2019s Encrypt on a Linux server using Certbot for Nginx, Apache, and custom stacks. We\u2019ll cover prerequisites, OS-specific commands, DNS\/wildcard options, auto-renewal, security hardening, and troubleshooting\u2014so you can deploy a free, trusted SSL certificate and keep it renewing automatically.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"what-is-lets-encrypt-and-how-it-works\"><strong>What is Let\u2019s Encrypt and How it Works<\/strong>?<\/h2>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1536\" height=\"1024\" src=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-43.png\" alt=\"What Is Let\u2019s Encrypt and How It Works?\" class=\"wp-image-12618\" srcset=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-43.png 1536w, https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-43-150x100.png 150w\" sizes=\"auto, (max-width: 1536px) 100vw, 1536px\" \/><\/figure>\n\n\n\n<p>Let\u2019s Encrypt is a free, automated, and open certificate authority (CA) that issues domain-validated SSL\/TLS certificates. It uses the ACME protocol to prove domain control via challenges such as HTTP-01 (file served over port 80) or DNS-01 (TXT record). Certbot is the recommended tool that requests, installs, and renews certificates for you.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"before-you-start-prerequisites\"><strong>Before You Start: Prerequisites<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Public domain: Point your domain\u2019s A\/AAAA records to your server\u2019s IP.<\/li>\n\n\n\n<li>Root or sudo access: You\u2019ll run privileged commands.<\/li>\n\n\n\n<li>Web server ready: Nginx or Apache installed and serving your site.<\/li>\n\n\n\n<li>Open firewall: Ports 80 (HTTP) and 443 (HTTPS) must be open.<\/li>\n\n\n\n<li>System packages updated: Keep your OS up to date.<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code># Ubuntu\/Debian firewall (UFW)\nsudo ufw allow 80\/tcp\nsudo ufw allow 443\/tcp\n\n# RHEL\/AlmaLinux\/Rocky (firewalld)\nsudo firewall-cmd --permanent --add-service=http\nsudo firewall-cmd --permanent --add-service=https\nsudo firewall-cmd --reload<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"how-to-install-lets-encrypt-on-a-linux-server-step-by-step\"><strong>How to Install Let\u2019s Encrypt on a Linux Server (Step-by-Step)<\/strong><\/h2>\n\n\n\n<p>The most reliable way today is Certbot via Snap, which gives you the latest features and security updates across most distributions. We\u2019ll cover Snap first, then OS packages and alternative methods.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"step-1-install-certbot-via-snap-recommended\"><strong>Step 1: Install Certbot via Snap (Recommended)<\/strong><\/h3>\n\n\n\n<p>On Ubuntu 18.04+ and Debian 10+, Snap is straightforward. On RHEL-based systems, enable Snap first.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Ubuntu\/Debian\nsudo apt update\nsudo apt install snapd -y\nsudo snap install core\nsudo snap refresh core\nsudo snap install --classic certbot\nsudo ln -s \/snap\/bin\/certbot \/usr\/bin\/certbot<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code># RHEL\/AlmaLinux\/Rocky 8\/9\nsudo dnf install epel-release -y\nsudo dnf install snapd -y\nsudo systemctl enable --now snapd.socket\nsudo ln -s \/var\/lib\/snapd\/snap \/snap\nsudo snap install core\nsudo snap install --classic certbot\nsudo ln -s \/snap\/bin\/certbot \/usr\/bin\/certbot<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"step-2a-obtain-and-install-for-nginx\"><strong>Step 2A: Obtain and Install for Nginx<\/strong><\/h3>\n\n\n\n<p>Make sure your Nginx virtual host is serving your domain and port 80 is reachable. Then run:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo certbot --nginx -d example.com -d www.example.com<\/code><\/pre>\n\n\n\n<p>Certbot will locate your Nginx config, validate the domain, install the certificate, and optionally add a secure HTTP-to-HTTPS redirect.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"step-2b-obtain-and-install-for-apache\"><strong>Step 2B: Obtain and Install for Apache<\/strong><\/h3>\n\n\n\n<p>Ensure your Apache virtual host resolves your domain. Then run:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo certbot --apache -d example.com -d www.example.com<\/code><\/pre>\n\n\n\n<p>Certbot will edit your Apache vhost files, enable the certificate, and can configure automatic redirects if you choose.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"alternative-webroot-or-standalone-for-any-stack\"><strong>Alternative: Webroot or Standalone (For Any Stack)<\/strong><\/h2>\n\n\n\n<p>If you run Node.js, Tomcat, Docker, or another stack behind a reverse proxy, use webroot. It places the challenge file in your site\u2019s document root, without restarting services.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Replace with your actual webroot path\nsudo certbot certonly --webroot -w \/var\/www\/html -d example.com -d www.example.com<\/code><\/pre>\n\n\n\n<p>If nothing listens on port 80 or you prefer a temporary ACME server, use standalone. This runs a transient HTTP server for validation.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl stop nginx || sudo systemctl stop apache2 || sudo systemctl stop httpd\nsudo certbot certonly --standalone -d example.com -d www.example.com\n# Re-start your service after issuance\nsudo systemctl start nginx || sudo systemctl start apache2 || sudo systemctl start httpd<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"alternative-install-certbot-from-os-packages\"><strong>Alternative: Install Certbot from OS Packages<\/strong><\/h2>\n\n\n\n<p>Some distributions ship Certbot in their repositories. Versions may lag behind, but it\u2019s an option.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Debian\/Ubuntu (may be older than Snap)\nsudo apt update\nsudo apt install certbot python3-certbot-nginx -y\n# Or for Apache\nsudo apt install certbot python3-certbot-apache -y\n\n# RHEL\/AlmaLinux\/Rocky (via EPEL)\nsudo dnf install epel-release -y\nsudo dnf install certbot python3-certbot-nginx -y\n# Or for Apache\nsudo dnf install certbot python3-certbot-apache -y<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"enable-auto-renewal-and-test-it\"><strong>Enable Auto-Renewal and Test It<\/strong><\/h2>\n\n\n\n<p>Certbot installs a systemd timer or cron job that runs twice daily and renews certificates approaching expiry (Let\u2019s Encrypt certs are valid for 90 days). Always dry-run renewal to confirm automation works.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Dry-run renewal (no real changes)\nsudo certbot renew --dry-run<\/code><\/pre>\n\n\n\n<p>If you used webroot or standalone with services that need reloads, add deploy hooks:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Reload Nginx after any successful renewal\nsudo crontab -e\n# Add:\n0 3 * * * certbot renew --quiet --deploy-hook \"systemctl reload nginx\"<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"redirects-and-basic-tls-hardening\"><strong>Redirects and Basic TLS Hardening<\/strong><\/h2>\n\n\n\n<p>Certbot plugins can set redirects, but you can also configure them manually. Here are safe defaults.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"nginx-force-https-and-add-hsts\"><strong>Nginx: Force HTTPS and Add HSTS<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>server {\n    listen 80;\n    server_name example.com www.example.com;\n    return 301 https:\/\/$host$request_uri;\n}\n\nserver {\n    listen 443 ssl http2;\n    server_name example.com www.example.com;\n\n    ssl_certificate \/etc\/letsencrypt\/live\/example.com\/fullchain.pem;\n    ssl_certificate_key \/etc\/letsencrypt\/live\/example.com\/privkey.pem;\n\n    add_header Strict-Transport-Security \"max-age=31536000; includeSubDomains\" always;\n\n    # your site config...\n}<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"apache-force-https-and-add-hsts\"><strong>Apache: Force HTTPS and Add HSTS<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&lt;VirtualHost *:80&gt;\n    ServerName example.com\n    ServerAlias www.example.com\n    Redirect permanent \/ https:\/\/example.com\/\n&lt;\/VirtualHost&gt;\n\n&lt;VirtualHost *:443&gt;\n    ServerName example.com\n    ServerAlias www.example.com\n    SSLEngine on\n    SSLCertificateFile \/etc\/letsencrypt\/live\/example.com\/fullchain.pem\n    SSLCertificateKeyFile \/etc\/letsencrypt\/live\/example.com\/privkey.pem\n    Header always set Strict-Transport-Security \"max-age=31536000; includeSubDomains\"\n    # your site config...\n&lt;\/VirtualHost&gt;<\/code><\/pre>\n\n\n\n<p>Tip: Only enable HSTS after you\u2019ve confirmed HTTPS works across your site, including subdomains.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"wildcard-certificates-and-dns-01-challenge\"><strong>Wildcard Certificates and DNS-01 Challenge<\/strong><\/h2>\n\n\n\n<p>Need a certificate for all subdomains (e.g., *.example.com)? Use DNS-01. This requires creating a TXT record during issuance. Manual DNS works, but provider plugins automate renewals.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Manual DNS-01 (not automated)\nsudo certbot -d example.com -d *.example.com --manual --preferred-challenges dns certonly\n\n# You'll be prompted to create a TXT record like:\n# _acme-challenge.example.com  TXT  &lt;token&gt;<\/code><\/pre>\n\n\n\n<p>For automation, use a DNS plugin (e.g., Cloudflare, Route 53). Install the appropriate Certbot DNS plugin and pass your API credentials securely via environment variables or a restricted credentials file.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"troubleshooting-common-errors\"><strong>Troubleshooting Common Errors<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Challenge failed (HTTP-01): Ensure DNS points to your server, port 80 is open and not blocked, and that the domain serves the challenge path. Proxies\/CDNs must forward .well-known paths.<\/li>\n\n\n\n<li>Permission errors: Webroot paths must be correct and readable by the web server. For Nginx\/Apache plugins, confirm configs are valid.<\/li>\n\n\n\n<li>Rate limits: Let\u2019s Encrypt has limits on failed validations and issuances. Test with <code>--dry-run<\/code>, stage environment, or group domains thoughtfully.<\/li>\n\n\n\n<li>Mixed content warnings: Update hardcoded http URLs in HTML\/CSS\/JS to https, or use relative URLs.<\/li>\n\n\n\n<li>Renewal fails: Check <code>\/var\/log\/letsencrypt\/letsencrypt.log<\/code>, confirm hooks, plugins, and DNS\/API permissions (for DNS-01).<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"verify-your-ssl-and-grade-your-setup\"><strong>Verify Your SSL and Grade Your Setup<\/strong><\/h2>\n\n\n\n<p>After installation, visit https:\/\/example.com and confirm the padlock. Then use an external scanner to catch configuration issues, protocol\/cipher support, and HSTS. Aim for an A grade and ensure TLS 1.2\/1.3 are enabled.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"real-world-tips-from-hosting-experience\"><strong>Real-World Tips from Hosting Experience<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Prefer Snap-based Certbot for the latest features and fewer edge cases.<\/li>\n\n\n\n<li>Keep port 80 open for HTTP-01 renewals, even if you force HTTPS globally.<\/li>\n\n\n\n<li>Use webroot for containerized stacks where reverse proxies terminate TLS.<\/li>\n\n\n\n<li>Automate wildcard with DNS plugins; avoid manual DNS for production renewals.<\/li>\n\n\n\n<li>Back up \/etc\/letsencrypt (<a href=\"https:\/\/www.youstable.com\/blog\/private-key-for-ssl-certificate\/\">private keys<\/a>, certs) securely, and restrict permissions.<\/li>\n\n\n\n<li>Reload, don\u2019t restart, services on renewal to avoid downtime.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"when-managed-hosting-helps\"><strong>When Managed Hosting Helps<\/strong><\/h2>\n\n\n\n<p>If you\u2019d rather not manage SSL, renewals, and hardening yourself, managed hosting can handle it for you. At YouStable, our teams provision free Let\u2019s Encrypt SSL, set up redirects and security headers, and monitor renewals\u2014so your sites stay secure without firefighting certificates.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"complete-quick-start-command-summary\"><strong>Complete Quick-Start: Command Summary<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Install Certbot with Snap<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo apt install snapd -y &amp;&amp; sudo snap install --classic certbot\nsudo ln -s \/snap\/bin\/certbot \/usr\/bin\/certbot<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Get SSL for Nginx or Apache<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code># Nginx\nsudo certbot --nginx -d example.com -d www.example.com\n\n# Apache\nsudo certbot --apache -d example.com -d www.example.com<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Test renewal<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo certbot renew --dry-run<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"faqs-install-lets-encrypt-on-linux-server\"><strong>FAQs: Install Let\u2019s Encrypt on Linux Server<\/strong><\/h2>\n\n\n<div id=\"rank-math-faq\" class=\"rank-math-block\">\n<div class=\"rank-math-list \">\n<div id=\"faq-question-1765530764965\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"is-lets-encrypt-safe-and-trusted-by-browsers\"><strong>Is Let\u2019s Encrypt safe and trusted by browsers?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Yes. Let\u2019s Encrypt is a widely trusted certificate authority. Its root and intermediates are included by all major browsers and operating systems. A Let\u2019s Encrypt certificate provides the same encryption strength as paid DV certificates.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765530777547\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-do-i-install-lets-encrypt-on-ubuntu-quickly\"><strong>How do I install Let\u2019s Encrypt on Ubuntu quickly?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Install Certbot via Snap, then run the plugin for your web server:<br \/><code>sudo apt update &amp;&amp; sudo apt install snapd -y<br \/>sudo snap install --classic certbot<br \/>sudo ln -s \/snap\/bin\/certbot \/usr\/bin\/certbot<br \/>sudo certbot --nginx -d example.com -d www.example.com # or --apache<\/code><\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765530830248\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-often-do-lets-encrypt-certificates-renew\"><strong>How often do Let\u2019s Encrypt certificates renew?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Every 90 days. Certbot sets up automatic renewal and checks twice daily. Use <code>sudo certbot renew --dry-run<\/code> to verify your setup. Many admins renew at 60 days for extra safety, which Certbot handles automatically.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765530838912\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"can-i-get-a-wildcard-ssl-certificate-with-lets-encrypt\"><strong>Can I get a wildcard SSL certificate with Let\u2019s Encrypt?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Yes, with DNS-01 validation. Use <code>-d *.example.com -d example.com<\/code> and either create TXT records manually or, better, automate with a DNS plugin for your provider (e.g., Cloudflare, Route 53) so renewals run hands-free.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765530847474\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"do-i-need-to-stop-my-web-server-when-using-certbot\"><strong>Do I need to stop my web server when using Certbot?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>No for Nginx\/Apache plugins and webroot\u2014they work without stopping services. Yes only for standalone mode, which briefly binds to port 80; stop your server, issue the cert, then start it again.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765530856085\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"what-if-my-site-is-behind-a-cdn-or-reverse-proxy\"><strong>What if my site is behind a CDN or reverse proxy?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Use webroot or configure the proxy to pass through ACME challenges at <code>\/.well-known\/acme-challenge\/<\/code>. Alternatively, use DNS-01 validation to avoid HTTP path issues entirely.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765530863451\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"do-paid-ssls-offer-better-security-than-lets-encrypt\"><strong>Do paid SSLs offer better security than Let\u2019s Encrypt?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>No for encryption strength\u2014DV certificates, free or paid, use the same modern ciphers. Paid options may include warranty, support, or organization\/extended validation, but they don\u2019t encrypt \u201cmore.\u201d For most sites, Let\u2019s Encrypt DV is ideal.<\/p>\n<p>With these steps, you can confidently install Let\u2019s Encrypt on a Linux server, automate renewals, and harden your TLS. If you prefer a hands-off approach, YouStable can provision, secure, and monitor SSL for you as part of our managed hosting plans.<\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>To install Let\u2019s Encrypt on a Linux server, install Certbot (the ACME client), ensure ports 80 and 443 are open, [&hellip;]<\/p>\n","protected":false},"author":13,"featured_media":15551,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[350],"tags":[],"class_list":["post-12522","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase"],"acf":[],"featured_image_src":"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Install-Let-Encrypt-on-Linux-Server.jpg","author_info":{"display_name":"Prahlad Prajapati","author_link":"https:\/\/www.youstable.com\/blog\/author\/prahladblog"},"_links":{"self":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12522","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/comments?post=12522"}],"version-history":[{"count":4,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12522\/revisions"}],"predecessor-version":[{"id":15552,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12522\/revisions\/15552"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media\/15551"}],"wp:attachment":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media?parent=12522"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/categories?post=12522"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/tags?post=12522"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}