Install Let’s Encrypt SSL Certificate on Ubuntu 22.04 & Apache

Opu Hasnat
3 min readFeb 1, 2023

“Ensure the safety of your website and its users with a Let’s Encrypt SSL certificate. By securing your server, all data transmitted to and from your site will be fully encrypted, giving your users peace of mind. Installing the certbot app will also eliminate browser warnings like “Your connection to this site is not secure,” which can discourage users from visiting your site. Plus, with automatic certificate updates, you can rest assured that your website’s security will never lapse.

“Securing Your Website with Let’s Encrypt SSL Certificate

In today’s digital age, website security is a top priority for both businesses and users. A secure website is not only important for the protection of sensitive information, but also for the credibility of your brand. In this guide, we will walk you through the process of installing a free Let’s Encrypt SSL certificate on an Ubuntu 22.04 cloud server with a LAMP stack.


Ubuntu 22.04 cloud server setup with a non-root user and firewall with sudo privileges
LAMP package installed and setup
DNS and Virtual Host setup for a registered domain name

Installing Certbot Package:

The first step is to install the Certbot package. Certbot is a Let’s Encrypt package that will automatically update and install valid SSL certificates for your website. To install Certbot, we will update the package cache and then install Certbot and the Python package that enables Certbot to configure Apache directives.

1. sudo apt update
2. sudo apt install certbot python3-certbot-apache

Allowing HTTPS Through the Firewall:

Next, we will allow HTTPS through the firewall. If you have only opened port 80, you will need to also allow port 443. You can check the options of your UFW firewall by running the status command. If you only have Apache, you can allow both ports 80 and 443 through the firewall by allowing “Apache Full”. If you are following this guide as a standalone, you will also need to enable OpenSSH through the firewall.

1. sudo ufw status 
2. sudo ufw allow 'Apache Full'
3. sudo ufw delete allow 'Apache'
4. sudo ufw allow OpenSSH
5. sudo ufw enable
6. sudo ufw status

Installing an SSL Certificate:

With the firewall set up, we can now install a fresh SSL certificate for your website. Initiate the Certbot package and follow the prompt to enter your email address and domain name(s). You should receive confirmation of your SSL certificates and see your website using HTTPS with a secure lock when you visit it in your web browser.

1. sudo certbot --apache

Cerbot will then ask you a series of questions.

Verifying Certbot is on Autorenewal:

Finally, we will verify that Certbot is set to auto-renew your SSL certificates every 90 days. We can check the certbot.timer and run a dry run of the autorenewal process.

1. sudo systemctl status certbot.timer
2. sudo certbot renew --dry-run

By following this article, you should now have a fully secured website with a valid SSL certificate. Your users can rest assured that their information is protected and that your brand credibility is enhanced. If you encounter any issues, there are troubleshooting links available for further assistance. Congratulations on a job well done!”



Opu Hasnat

Fullstack Web Developer | Building Dynamic, User-Friendly Web Applications with Expertise in PHP(Laravel), JavaScript, Python, MySQL, HTML, CSS and more