Setting up HTTPS for your website using Let's Encrypt and Certbot is a straightforward process that enhances your site's security and trustworthiness. Let's Encrypt provides free SSL/TLS certificates, and Certbot automates most of the steps involved.
Prerequisites:
- Domain Name: You must own or control the registered domain name for which you want to obtain a certificate.
- DNS Configuration: Your domain name's DNS records must point to your server's public IP address.
- Web Server: You need to have a web server (Apache or Nginx) installed and configured to serve your website.
- SSH Access: You'll need SSH access to your server with `sudo` privileges.
- Firewall (if applicable): Ensure that ports 80 (for HTTP) and 443 (for HTTPS) are open in your firewall.
Steps to Set Up HTTPS:
1. Install Certbot
Certbot is the official client for Let's Encrypt that automates the process of obtaining and renewing SSL certificates. The recommended way to install Certbot is using snapd.
- Install `snapd`: If you don't have `snapd` installed, follow the instructions on the Snapcraft website to install it for your operating system.
- Remove old Certbot packages (if any): If you have previously installed Certbot using a package manager like `apt`, `dnf`, or `yum`, remove those packages to avoid conflicts. For example, on Ubuntu, you might run `sudo apt-get remove certbot`.
- Install Certbot via Snap:

```bash
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
```

The `snap` package ensures you get the fastest updates and includes necessary plugins.
2. Obtain and Install the SSL Certificate
The commands vary slightly depending on your web server (Apache or Nginx).
- For Apache:

```bash
sudo certbot --apache -d yourdomain.com -d www.yourdomain.com
```

Replace `yourdomain.com` with your actual domain name. Certbot will guide you through the setup, asking for your email address, agreement to terms of service, and whether to redirect HTTP traffic to HTTPS.

- For Nginx:

```bash
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com
```

Again, replace `yourdomain.com` with your actual domain. Certbot will automatically configure Nginx to serve the certificate and enable HTTPS.

During the process, Certbot will ask you to:
* Enter an email address for urgent renewal and security notices.
* Agree to the Let's Encrypt Terms of Service.
* Decide if you want to share your email with the Electronic Frontier Foundation (EFF).
* Choose whether to redirect HTTP traffic to HTTPS. It's generally recommended to enable this.
3. Verify Automatic Renewal
Let's Encrypt certificates are valid for 90 days. Certbot automatically sets up a cron job or systemd timer to renew your certificates before they expire.
You can test the automatic renewal process with a dry run:
```bash
sudo certbot renew --dry-run
```
This command checks if renewal would succeed without actually renewing the certificates.
4. Check Your Website
After successful installation, open your website in a web browser using https://yourdomain.com. You should see a padlock icon in the address bar, indicating a secure connection. You can also use online SSL checkers like SSL Shopper to verify your certificate details.
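The following added example (not part of the original guide) complements steps 3 and 4: it reads the expiry date of the certificate a server actually presents and flags it when fewer than 30 days remain, which suggests automatic renewal is not working. The 30-day threshold and all function names are assumptions chosen for illustration.

```python
import socket
import ssl
import sys
from datetime import datetime, timezone

# Assumption: 30 days, Certbot's default renewal window for 90-day certificates.
RENEWAL_WINDOW_DAYS = 30


def days_remaining(not_after, now=None):
    """Days until expiry, given a notAfter string like 'Apr  1 00:00:00 2030 GMT'."""
    expires = datetime.fromtimestamp(ssl.cert_time_to_seconds(not_after), tz=timezone.utc)
    now = now or datetime.now(timezone.utc)
    return (expires - now).total_seconds() / 86400


def classify(days_left, window=RENEWAL_WINDOW_DAYS):
    """Map remaining lifetime to a monitoring status."""
    if days_left <= 0:
        return "EXPIRED"
    if days_left < window:
        # A healthy timer would already have renewed; check `certbot renew --dry-run`.
        return "RENEWAL_OVERDUE"
    return "OK"


def fetch_not_after(host, port=443, timeout=10):
    """Return notAfter of the certificate served for host; chain and hostname are verified."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()["notAfter"]


def check_host(host):
    try:
        left = days_remaining(fetch_not_after(host))
    except ssl.SSLCertVerificationError as exc:
        # Untrusted chain, wrong hostname or an already expired certificate.
        return f"{host}: INVALID ({exc.verify_message})"
    except OSError as exc:
        return f"{host}: UNREACHABLE ({exc})"
    return f"{host}: {classify(left)} ({left:.0f} days left)"


if __name__ == "__main__":
    if len(sys.argv) > 1:
        for name in sys.argv[1:]:
            print(check_host(name))
    else:
        # Constructed sample date: no network needed.
        now = datetime(2030, 1, 1, tzinfo=timezone.utc)
        print(classify(days_remaining("Jan 21 00:00:00 2030 GMT", now)))
```

Run it with one or more hostnames as arguments, for example from a daily scheduled job; with no arguments it only evaluates a constructed sample date.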