What is Let's Encrypt?
Let's Encrypt is a Certificate Authority (CA) that offers free SSL/TLS certificates, so you can get a valid SSL certificate for your domain at no cost. A certificate can only be requested from the server the domain points to: Let's Encrypt checks that the DNS of the domain points to the current server, and then the certificate is generated. In this tutorial we explain the setup with both the Apache and Nginx web servers.
In order to generate an SSL certificate, it is essential that the DNS settings have already been set so that the domain points to the server. It is also important that a web server is installed. If you have not done so yet, install a web server of your choice; both Apache and Nginx can be used. The services can be set up with the following commands:
Apache:
Nginx:
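The DNS prerequisite described above can be verified before requesting the certificate. The following is an added example, not part of the original tutorial: it checks that every name you plan to pass with -d resolves only to this server's public addresses. The function names, the RESOLVER variable and the addresses in the usage comment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: pre-flight DNS check for the names a certificate will cover.
# Usage after sourcing (constructed documentation addresses):
#   preflight "203.0.113.10 2001:db8::10" example.com www.example.com

# Print one address per line (A and AAAA) using the system resolver.
resolve_getent() {
    getent ahosts "$1" | awk '{print $1}' | sort -u
}

# RESOLVER names the lookup function; it can be overridden so the check
# can be exercised offline with constructed data.
RESOLVER=${RESOLVER:-resolve_getent}

# check_domain "EXPECTED_IPS" DOMAIN
# EXPECTED_IPS is a space-separated list of this server's public addresses.
# Returns 0 if every resolved address is expected, 1 if any address points
# elsewhere (for example a stale AAAA record), 2 if the name has no record.
check_domain() {
    expected=$1
    domain=$2
    stray=""
    addrs=$("$RESOLVER" "$domain") || true
    if [ -z "$addrs" ]; then
        echo "FAIL $domain: no DNS record found"
        return 2
    fi
    for a in $addrs; do
        case " $expected " in
            *" $a "*) ;;                  # address belongs to this server
            *) stray="$stray $a" ;;       # address points somewhere else
        esac
    done
    if [ -n "$stray" ]; then
        echo "FAIL $domain: resolves to unexpected address(es):$stray"
        return 1
    fi
    echo "OK   $domain"
}

# preflight "EXPECTED_IPS" DOMAIN...
# Returns the number of names that failed; 0 means all names point here.
preflight() {
    expected_ips=$1
    shift
    failed=0
    for d in "$@"; do
        check_domain "$expected_ips" "$d" || failed=$((failed + 1))
    done
    return "$failed"
}
```

Pass the server's public addresses rather than the output of a local interface listing, since a server behind NAT only sees its private address.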
Setup
Once all points of the preparation have been taken care of, we can start with the actual setup of Let's Encrypt. To do so, we first need the Let's Encrypt client, which we will then use to generate the certificate:
sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
cd /opt/letsencrypt
Now we can generate the SSL certificate. The command for this looks like this:
For each additional domain or subdomain name, another -d example.com must be added. Replace example.com with the domain name you ordered. You will then be asked to enter an e-mail address. Press Enter to confirm your input. After that you have to confirm the terms of use:
If everything went well, you will see a message like the following. It means that Let's Encrypt has approved and created your certificate.
IMPORTANT NOTES:
Finally, the virtual host file of the web server must be adjusted accordingly. Depending on the web server the following options have to be adjusted:
Apache:
Nginx:
Renew SSL certificate automatically (optional)
The renewal of certificates can also be automated, which prevents the certificates from expiring. You can implement this with a cron job. Execute the command sudo crontab -e and add the following content at the end: