HowTo - Configuring server for hosting single Laravel web - SSL with Let’s Encrypt

Jevgenij Dmitrijev
Aug 27, 2017 · 3 min read

NOTICE: This article requires you to finish this article first.

REQUIREMENTS: Apache SSL is installed on your machine.

First we need to install certbot.

Certbot is an easy-to-use automatic client that fetches and deploys SSL/TLS certificates for your webserver. Certbot was developed by EFF and others as a client for Let’s Encrypt and was previously known as “the official Let’s Encrypt client” or “the Let’s Encrypt Python client.” Certbot will also work with any other CAs that support the ACME protocol.

Run the following commands on your server:

sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-apache

Before we start creating a certificate. We need to create a new domain configuration with SSL support. (le stands for Let’s encrypt):

vi /etc/apache2/sites-available/domain.com-le-ssl.conf

There you should add this code:

<IfModule mod_ssl.c>
<VirtualHost domain.name:443>
ServerName domain.name
ServerAlias www.domain.name
ServerAdmin admin@interactivesolutions.lt
DocumentRoot /home/username/public_html/public
<Directory "/home/username/public_html/public">
AllowOverride All
allow from all
Require all granted
</Directory>
<ifmodule mpm_itk_module>
AssignUserID username username
</ifmodule>
ErrorLog ${APACHE_LOG_DIR}/domain.name.error.log
CustomLog ${APACHE_LOG_DIR}/domain.name.access.log combined
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

domain.name — name of the domain
www.domain.name — if you need to use www in your adress
username — your newly created user name, it will be his directory also.

Save file. Enable site. Restart Apache.

a2ensite /etc/apache2/sites-available/domain.com-le-ssl.conf
service apache2 restart

Make sure your .env file is configured to use https:

APP_URL=https://domain.name

To initialize certificate creation run this command:

sudo certbot --apache

You will receive the information with all of the domains configured:

List of configured domains

You will be needing to select one.

After selection bot will deploy ssl certificate

You will be asked do you want to redirect from http to https:

Answer by pressing 2

If all was done correctly you will receive the message:

After this is done, the certbot has changes your domain .conf files to enable full configuration.

To validate the SSL plese visit:

https://www.ssllabs.com/ssltest/analyze.html?d=domain.name

And you should expect to see results like this:

Final result!

And finally add cron job for automatic certificates renewal as (root user):

sudo crontab -e

Insert this code:

0 2 * * * /usr/bin/certbot renew --quiet

Save. And you are done!

)

Jevgenij Dmitrijev

Written by

Entrepreneur and Lecturer

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade