How to Secure Apache with Free Let’s Encrypt SSL Certificate on Ubuntu and Debian

Best Affordable Linux and WordPress Services For Your Business
Outsource Your Linux and WordPress Project and Get it Promptly Completed Remotely and Delivered Online.

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.45/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Matei Cezar

I'am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

14 Responses

  1. Adam says:

    I have a server running on digital ocean single droplet where i am hosting multiple wordpress sites and when i do this for one site it works fine but when i do it for another one the other site gives this message: The certificate is not trusted because it is self-signed.

  2. Vinny says:

    Everything ran fine, took a while, but got this error at the end

    Installation succeeded.
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator apache, Installer apache
    Obtaining a new certificate
    Performing the following challenges:
    Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.
    Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.

  3. satender says:

    if my certificate expire then how can i renew it

  4. Oliver says:

    Hey, great tutorial works like a charm!

    I just got one issue how can I tell CloudFront about the certificate? because when I edit my “Distribution” on Cloudfront and go to edit it to custom SSL it does not let me choose this option but, I see that certificate is there, what I am doing wrong?


    • Ravi Saive says:


      You don’t need to tell about your site’s Let’s Encrypt certificate to CloudFront.. Just use the CloudFront basic settings that’s enough.

  5. homzzang says:

    I am getting following error, how I can solve this error?

    certbot: error: unrecognized arguments: -d -d
  6. Mark says:

    Hi, just want to let you know that step 4 has 3 dashes instead of 2 in the –apache context, which doesn’t work. Great tutorial otherwise. Thanks!

  7. kalmer peacecop: says: is a public registered domain name.

  8. Matei Cezar says:

    Name does not end in a public suffix. The error is self explanatory! It must be a public registred domain name.

  9. kalmer peacecop: says:

    Error: urn:acme:error:malformed :: The request message was malformed :: Error creating new authz :: Name does not end in a public suffix

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.