Home Linux Commandline Tools How to Install Let’s Encrypt SSL Certificate on Domain

How to Install Let’s Encrypt SSL Certificate on Domain

Consider this scenario, you have a website project that is up and running but you need some security surety to maintain the integral identity of your website project.

Website security provides the certainty that potential and growing internet traffic is never diverted from a web platform since users can trust their access to it. The Let’s Encrypt SSL certificate is a digital certificate responsible for authenticating a web app’s identity via an activated encrypted connection.

For Linux users running and managing web apps via various Linux server distribution systems (either for personal or commercial reasons), the Let’s Encrypt SSL certificate is good at not only keeping customer information private and secure but also encapsulating their online transactions from prying eyes.

This article will walk us through the installation and activation of the Let’s Encrypt SSL certificates on an active domain name.

Benefits of Using Let’s Encrypt SSL Certificate

Before we address the main objective of this article, we first need to recognize the key benefits associated with using Let’s Encrypt SSL certificate.

Data Protection

The primary functional objective of a Let’s Encrypt SSL certificate is to preserve the integrity associated with server-client communication. This certificate encrypts every bit of information associated with the server-client communication.

It is only the user browser or server that has the capacity to unlock these encrypted data. These encrypted data can be sensitive user-related information like credit card numbers, passwords, and user IDs.

User Identity Affirmation

Identity verification is an important web security aspect. An SSL certificate helps authenticate a website to protect users from deceptive internet footprints.

During an SSL certificate installation, the validity of the web app seeking the SSL certificate is determined by a Certificate Authority (CA) before the integrity of the website is vouched for by trust indicators. These trust indicators save users from having to transact with sensitive data on pretentious websites.

Improved Search Engine Ranking

Since 2014, Google has made sure that HTTPS-enabled websites get an upper hand in terms of search engine ranking. Higher Search Engine Rankings favor HTTPS websites over HTTP websites.

Therefore, if you want to be on Google’s first page when users search for information associated with the services your website renders, consider using the Let’s Encrypt SSL certificate on your platform.

Meeting PCI/DSS Requirements

The PCI/DCI requirements help determine the credibility of a web platform in accepting online payments. In short, to transact online payments, your web platform needs to be PCI compliant. Having an SSL certificate installed on your web app helps meet this requirement.

Improved Customer Trust

Apart from the encryption and authentication attributes associated with an SSL certificate, the padlock sign that appears on an SSL-activated website contributes to the customer trust point of view.

SSL Padlock Sign
SSL Padlock Sign

It also provides vital organizational details that help guarantee the legitimacy of the platform. Users are prone to visit sites they trust.

Installing Let’s Encrypt SSL Certificate in Linux

We first need to download the Let’s Encrypt associated package on your Linux distributions.

Install Let’s Encrypt in RHEL Systems

To install Let’s Encrypt on RHEL-based distributions such as Fedora, CentOS Stream, Rocky Linux, and AlmaLinux, use:

$ sudo dnf makecache
$ sudo dnf install git
$ sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt

Install Let’s Encrypt in Debian Systems

To install Let’s Encrypt on Debian-based distributions such as Ubuntu and Linux Mint, use:

$ sudo apt update 
$ sudo apt install git
$ sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt

Install Let’s Encrypt in openSUSE

$ sudo zypper refresh
$ sudo zypper install git
$ sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt

Install Let’s Encrypt in Arch and Manjaro

$ sudo pacman -Sy
$ sudo pacman -S git 
$ sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt

Activating Let’s Encrypt SSL Certificate on Domain

To activate it, navigate to the /opt/letsencrypt directory.

$ cd /opt/letsencrypt 

To install the Let’s Encrypt SSL certificate on a domain like ubuntumint.com, consider the implementation of the following command:

$ sudo -H ./letsencrypt-auto certonly --standalone -d ubuntumint.com -d www.ubuntumint.com

Respond to the presented prompts during the execution of the above command with (A)gree/(C)ancel and (Y)es/(N)o.

After the certificate is installed, confirm its existence with the command:

$ ./certbot-auto certificates

You should see an output like,

Certificate Path: /etc/letsencrypt/live/ubuntumint.com/fullchain.pem

You should now be able to visit your HTTPS-powered site e.g. https://ubuntumint.com. If you want, you can check the Let’s Encrypt SSL certificate’s expiration date for your domain.

We have understood the importance of having an SSL certificate on your website and successfully demonstrated how to install it on various Linux distribution platforms. Hope this article guide was helpful. Feel free to leave a comment or feedback.

Ravi Saive
I am an Experienced GNU/Linux expert and a full-stack software developer with over a decade in the field of Linux and Open Source technologies. Founder of TecMint.com, LinuxShellTips.com, and Fossmint.com. Over 150+ million people visited my websites.

Each tutorial at UbuntuMint is created by a team of experienced writers so that it meets our high-quality standards.

Was this article helpful? Please add a comment to show your appreciation and support.

Got something to say? Join the discussion.

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published or shared. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.