Install HTTPS using Let’s Encrypt Certificates on multiple websites

Spread the love
Introduction

SSL certificates are used within server and client to encrypt the traffic. This gives extra security for users accessing the application. Let’s Encrypt is one of free certificates that easily installed on your web servers.
Here’s how to install multiple domains on single apache web server.

Step 1 – Configure vhost file.

We need to prepare apache vhost configuration for SSL.
Create new vhost file with different name.
For example, save to /etc/apache2/site-available/test.com-ssl.conf

<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerAdmin webmaster@test.com
    DocumentRoot /websites/com_test_www/www
    ServerName test.com
    ErrorLog ${APACHE_LOG_DIR}/error-test.log
    CustomLog ${APACHE_LOG_DIR}/access-test.log combined
    Include /etc/letsencrypt/options-ssl-apache.conf
    ServerAlias test.com
    ServerAlias www.test.com
    SSLCertificateFile /etc/letsencrypt/live/test.com-0001/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/test.com-0001/privkey.pem
</VirtualHost>
</IfModule>
Step 2 – Install  Let’s Encrypt
sudo add-apt-repository ppa:certbot/certbot

sudo apt-get update

sudo apt-get install python-certbot-apache
Step 3 – Configure the Certificates
sudo certbot --apache -d test.com -d www.test.com

Here’s how to verify after installed new certificate.

https://www.ssllabs.com/ssltest/analyze.html?d=example.com&latest

To generate multiple certificates

sudo certbot --apache -d test2.com -d www.test2.com
Step 4 – Auto renewal using crontab

The new certificate will last 3 month but it’s good to renew automatically using cron job.

sudo crontab -e
30 1 * * * /usr/bin/certbot renew --quiet
Step 5 – Redirect http to https

Check if your websites opens fine with https:// , let’s make redirect http:// to https:// using vhost.

Open vhost file used for http.
For example, vi /etc/apache2/site-available/test.com.conf
And put below line:

Redirect permanent / https://test.com

Below is example:

<VirtualHost *:80>
    ServerAdmin webmaster@test.com
    DocumentRoot /websites/com_test_www/www
    ServerName test.com
    Redirect permanent / https://test.com
    ErrorLog ${APACHE_LOG_DIR}/error-test.log
    CustomLog ${APACHE_LOG_DIR}/access-test.log combined
</VirtualHost>

Test if your websites redirect http:// to https://

You may need to delete cookies on your browser for testing correctly.

Conclusion

It’s good to check the official Let’s Encrypt blog time to time for important updates.

Facebook Comments

Published by

Titus Choi

I love technology. Working for information technology. Interested in AVR technology. Playing with RC stuff.