How to Set Up SSL Certificate with Let's Encrypt

SSL certificates encrypt data between your server and visitors' browsers, ensuring secure connections. Let's Encrypt provides free SSL certificates that are trusted by all major browsers. This guide shows you how to set up SSL on your Hiddence server.

Prerequisites

• Domain name pointing to your server IP
• Nginx or Apache web server installed
• Ports 80 and 443 open in firewall
• Root or sudo access to the server

Installing Certbot

# For Ubuntu/Debian
sudo apt update
sudo apt install certbot python3-certbot-nginx -y

# For CentOS/RHEL
sudo yum install epel-release -y
sudo yum install certbot python3-certbot-nginx -y

Obtaining Certificate for Nginx

Certbot can automatically configure Nginx. Run:

sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com
# Follow the prompts to complete setup

Obtaining Certificate for Apache

For Apache, use:

sudo certbot --apache -d yourdomain.com -d www.yourdomain.com
# Follow the prompts to complete setup

Manual Certificate Renewal

Let's Encrypt certificates expire after 90 days. Test renewal:

sudo certbot renew --dry-run

Setting Up Auto-Renewal

Certbot creates a cron job automatically. Verify it exists:

sudo systemctl status certbot.timer
# Or check crontab
sudo crontab -l | grep certbot

Useful Tips

• Certificates auto-renew 30 days before expiration
• Test renewal process: sudo certbot renew --dry-run
• Use wildcard certificates for subdomains: certbot certonly --dns-cloudflare
• Check certificate expiration: sudo certbot certificates
• Force renewal if needed: sudo certbot renew --force-renewal