Let's Encrypt Certificates
19 Apr 2019The Let’s Encrypt project generates free SSL Certificates for websites to allow encrypted traffic between the web server and browser. The current batch of browsers are highlighting unencrypted (non-HTTPS) sites as a possible security risk so setting up the certificates stops the site being flagged unnecessarily. I used the following commands, taken from here, to add the certificates to this website.
sudo apt-get install python-certbot-apache
sudo certbot --apache -d richardhyde.net -d www.richardhyde.net
I then added this line to roots crontab renew the certificate at 7am and 7pm each day. This seems a bit overkill as the certificates are valid for 30 days but twice a day seems to be the recommendation.
* 7,19 * * * /usr/bin/certbot -q renew