install_letsencrypt_certbot_apache2_ubuntu_server_22_04
install LetsEncrypt CertBot for Apache2 on Ubuntu Server 22.04
If you have Certbot installed and it is not being detected, then purge it.
Go Here to: Remove LetsEncrypt Certbot in Order to Properly Re-Install Certbot
Reinstalling Certbot properly.
sudo apt install certbot python3-certbot-apache
Output - Answer 'Y' when prompted near the beginning stages.
Reading package lists... Done Building dependency tree... Done Reading state information... Done The following additional packages will be installed: augeas-lenses libaugeas0 python3-acme python3-augeas python3-certbot python3-configargparse python3-icu python3-josepy python3-parsedatetime python3-requests-toolbelt python3-rfc3339 python3-zope.component python3-zope.event python3-zope.hookable Suggested packages: augeas-doc python-certbot-doc python3-certbot-nginx augeas-tools python-acme-doc python-certbot-apache-doc The following NEW packages will be installed: augeas-lenses certbot libaugeas0 python3-acme python3-augeas python3-certbot python3-certbot-apache python3-configargparse python3-icu python3-josepy python3-parsedatetime python3-requests-toolbelt python3-rfc3339 python3-zope.component python3-zope.event python3-zope.hookable 0 upgraded, 16 newly installed, 0 to remove and 0 not upgraded. Need to get 1,552 kB of archives. After this operation, 7,681 kB of additional disk space will be used. Do you want to continue? [Y/n] Y Get:1 http://us.archive.ubuntu.com/ubuntu jammy/universe amd64 augeas-lenses all 1.13.0-1 [321 kB] Get:2 http://us.archive.ubuntu.com/ubuntu jammy/universe amd64 libaugeas0 amd64 1.13.0-1 [200 kB] Get:3 http://us.archive.ubuntu.com/ubuntu jammy/universe amd64 python3-josepy all 1.10.0-1 [22.0 kB] Get:4 http://us.archive.ubuntu.com/ubuntu jammy/main amd64 python3-requests-toolbelt all 0.9.1-1 [38.0 kB] Get:5 http://us.archive.ubuntu.com/ubuntu jammy/main amd64 python3-rfc3339 all 1.1-3 [7,110 B] Get:6 http://us.archive.ubuntu.com/ubuntu jammy-updates/universe amd64 python3-acme all 1.21.0-1ubuntu0.1 [36.4 kB] Get:7 http://us.archive.ubuntu.com/ubuntu jammy/universe amd64 python3-augeas all 0.5.0-1.1 [9,124 B] Get:8 http://us.archive.ubuntu.com/ubuntu jammy/universe amd64 python3-configargparse all 1.5.3-1 [26.9 kB] Get:9 http://us.archive.ubuntu.com/ubuntu jammy/universe amd64 python3-parsedatetime all 2.6-2 [32.9 kB] Get:10 http://us.archive.ubuntu.com/ubuntu jammy/universe amd64 python3-zope.hookable amd64 5.1.0-1build1 [11.6 kB] Get:11 http://us.archive.ubuntu.com/ubuntu jammy/universe amd64 python3-zope.event all 4.4-3 [8,180 B] Get:12 http://us.archive.ubuntu.com/ubuntu jammy/universe amd64 python3-zope.component all 4.3.0-3 [38.3 kB] Get:13 http://us.archive.ubuntu.com/ubuntu jammy/universe amd64 python3-certbot all 1.21.0-1build1 [175 kB] Get:14 http://us.archive.ubuntu.com/ubuntu jammy/universe amd64 certbot all 1.21.0-1build1 [21.3 kB] Get:15 http://us.archive.ubuntu.com/ubuntu jammy/universe amd64 python3-certbot-apache all 1.21.0-1 [64.2 kB] Get:16 http://us.archive.ubuntu.com/ubuntu jammy/main amd64 python3-icu amd64 2.8.1-0ubuntu2 [540 kB] Fetched 1,552 kB in 1s (1,128 kB/s) Preconfiguring packages ... Selecting previously unselected package augeas-lenses. (Reading database ... 82997 files and directories currently installed.) Preparing to unpack .../00-augeas-lenses_1.13.0-1_all.deb ... Unpacking augeas-lenses (1.13.0-1) ... Selecting previously unselected package libaugeas0:amd64. Preparing to unpack .../01-libaugeas0_1.13.0-1_amd64.deb ... Unpacking libaugeas0:amd64 (1.13.0-1) ... Selecting previously unselected package python3-josepy. Preparing to unpack .../02-python3-josepy_1.10.0-1_all.deb ... Unpacking python3-josepy (1.10.0-1) ... Selecting previously unselected package python3-requests-toolbelt. Preparing to unpack .../03-python3-requests-toolbelt_0.9.1-1_all.deb ... Unpacking python3-requests-toolbelt (0.9.1-1) ... Selecting previously unselected package python3-rfc3339. Preparing to unpack .../04-python3-rfc3339_1.1-3_all.deb ... Unpacking python3-rfc3339 (1.1-3) ... Selecting previously unselected package python3-acme. Preparing to unpack .../05-python3-acme_1.21.0-1ubuntu0.1_all.deb ... Unpacking python3-acme (1.21.0-1ubuntu0.1) ... Selecting previously unselected package python3-augeas. Preparing to unpack .../06-python3-augeas_0.5.0-1.1_all.deb ... Unpacking python3-augeas (0.5.0-1.1) ... Selecting previously unselected package python3-configargparse. Preparing to unpack .../07-python3-configargparse_1.5.3-1_all.deb ... Unpacking python3-configargparse (1.5.3-1) ... Selecting previously unselected package python3-parsedatetime. Preparing to unpack .../08-python3-parsedatetime_2.6-2_all.deb ... Unpacking python3-parsedatetime (2.6-2) ... Selecting previously unselected package python3-zope.hookable. Preparing to unpack .../09-python3-zope.hookable_5.1.0-1build1_amd64.deb ... Unpacking python3-zope.hookable (5.1.0-1build1) ... Selecting previously unselected package python3-zope.event. Preparing to unpack .../10-python3-zope.event_4.4-3_all.deb ... Unpacking python3-zope.event (4.4-3) ... Selecting previously unselected package python3-zope.component. Preparing to unpack .../11-python3-zope.component_4.3.0-3_all.deb ... Unpacking python3-zope.component (4.3.0-3) ... Selecting previously unselected package python3-certbot. Preparing to unpack .../12-python3-certbot_1.21.0-1build1_all.deb ... Unpacking python3-certbot (1.21.0-1build1) ... Selecting previously unselected package certbot. Preparing to unpack .../13-certbot_1.21.0-1build1_all.deb ... Unpacking certbot (1.21.0-1build1) ... Selecting previously unselected package python3-certbot-apache. Preparing to unpack .../14-python3-certbot-apache_1.21.0-1_all.deb ... Unpacking python3-certbot-apache (1.21.0-1) ... Selecting previously unselected package python3-icu. Preparing to unpack .../15-python3-icu_2.8.1-0ubuntu2_amd64.deb ... Unpacking python3-icu (2.8.1-0ubuntu2) ... Setting up python3-configargparse (1.5.3-1) ... Setting up python3-requests-toolbelt (0.9.1-1) ... Setting up python3-parsedatetime (2.6-2) ... Setting up python3-icu (2.8.1-0ubuntu2) ... Setting up augeas-lenses (1.13.0-1) ... Setting up python3-zope.event (4.4-3) ... Setting up python3-zope.hookable (5.1.0-1build1) ... Setting up libaugeas0:amd64 (1.13.0-1) ... Setting up python3-josepy (1.10.0-1) ... Setting up python3-augeas (0.5.0-1.1) ... Setting up python3-rfc3339 (1.1-3) ... Setting up python3-zope.component (4.3.0-3) ... Setting up python3-acme (1.21.0-1ubuntu0.1) ... Setting up python3-certbot (1.21.0-1build1) ... Setting up certbot (1.21.0-1build1) ... Setting up python3-certbot-apache (1.21.0-1) ... Processing triggers for man-db (2.10.2-1) ... Processing triggers for libc-bin (2.35-0ubuntu3.1) ... Scanning processes... Scanning processor microcode... Scanning linux images... Running kernel seems to be up-to-date. The processor microcode seems to be up-to-date. No services need to be restarted. No containers need to be restarted. No user sessions are running outdated binaries. No VM guests are running outdated hypervisor (qemu) binaries on this host.
Check the version installed
certbot --version certbot 1.21.0
Get the Let’s Encrypt SSL certificate To get the SSL certificate using the Certbot, type the command given below: $ sudo certbot --apache You will be asked to provide your valid email address and accept the term of service: Saving debug log to /var/log/letsencrypt/letsencrypt.log Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): admin@your-domain.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf. You must agree in order to register with the ACME server. Do you agree? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y Next, you’ll be asked if you want to share your email with the Electronic Frontier Foundation to receive news and other information. If you do not want to subscribe to their content, write N. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing, once your first certificate is successfully issued, to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: N Next, you will be asked to select the domain on which you want to install the Let’s Encrypt SSL: Account registered. Which names would you like to activate HTTPS for? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: your-domain.com 2: www.your-domain.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel): If the SSL certificate is successfully obtained, certbot displays a message to show the configuration was successful: IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/your-domain.com.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/your-domain.com/privkey.pem Your cert will expire on 2023-03-22. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew" - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le Now, you have successfully installed SSL on your website.
APPLY FOR LETSENCRYPT SSL CERTIFICATE USING CERTBOT
sudo certbot --apache Saving debug log to /var/log/letsencrypt/letsencrypt.log Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): tech.admin@example.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf. You must agree in order to register with the ACME server. Do you agree? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing, once your first certificate is successfully issued, to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: N Account registered. Which names would you like to activate HTTPS for? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: example.com 2: www.example.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel): Requesting a certificate for cabdrop.com and www.cabdrop.com Successfully received certificate. Certificate is saved at: /etc/letsencrypt/live/example.com/fullchain.pem Key is saved at: /etc/letsencrypt/live/example.com/privkey.pem This certificate expires on 2023-09-20. These files will be updated when the certificate renews. Certbot has set up a scheduled task to automatically renew this certificate in the background. Deploying certificate Successfully deployed certificate for example.com to /etc/apache2/sites-available/example-com-le-ssl.conf Successfully deployed certificate for www.example.com to /etc/apache2/sites-available/example-com-le-ssl.conf Congratulations! You have successfully enabled HTTPS on https://example.com and https://www.example.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - If you like Certbot, please consider supporting our work by: * Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate * Donating to EFF: https://eff.org/donate-le - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Check the Auto-Renewal status, i.e. that Certbot has setup Auto-Renewal of the Certificate
sudo systemctl status certbot.timer
● certbot.timer - Run certbot twice daily
Loaded: loaded (/lib/systemd/system/certbot.timer; enabled; vendor preset: enabled)
Active: active (waiting) since Thu 2023-06-22 15:02:09 UTC; 18min ago
Trigger: Thu 2023-06-22 23:58:49 UTC; 8h left
Triggers: ● certbot.service
Jun 22 15:02:09 svr1 systemd[1]: Started Run certbot twice daily.
Revoking LetsEncrypt Certificates
If you wish to remove a certificate from your server it can be revoked using a subcommand with Let’s Encrypt client. The command below can be used to revoke a particular certificate.
$ sudo certbot revoke --cert-path /etc/letsencrypt/live/your-domain.com/cert.pem
Note: Replace your-domain.com with the domain which certificate you wish to revoke.
The process does not give a confirmation upon completion, but if you perform it again you will get a message that the certificate has already been revoked.
install_letsencrypt_certbot_apache2_ubuntu_server_22_04.txt · Last modified: 2023/06/22 15:48 by wikiadmin