Secure your website with letsencrypt

Some days ago I decided to add some security to my website by enabling HTTPS communication through letsencrypt.

I opted for letsencrypt mainly because it’s free, and second because it’s a really fast and easy process, automated and open (as described on their homepage).

The process to setup HTTPS on your domain is as follows:

  • Clone the letsencrypt client repo on your server
git clone
cd letsencrypt
  • Request and install a certificate (replace with your domain)
./letsencrypt-auto --apache -d

That’s it!

You can now visit your homepage with HTTPS and check that everything worked fine :)

Bonus point: auto renewal

Since letsencrypt is currently in beta, the certificate only lasts 3 months, then you need to renew it. To automate this process, I followed the well written tutorial by DigitalOcean.

The main steps are listed here for convenience:

  • Download the renewal script (you can check it our here
curl -L -o /usr/local/sbin/le-renew
chmod +x /usr/local/sbin/le-renew
  • Setup a cronjob that checks whether the certificate needs to be renewed and renews it if needed every week
crontab -e
30 2 * * 1 /usr/local/sbin/le-renew >> /var/log/le-renew.log

The script runs every Monday at 2.30 am and outputs its log at /var/log/le-renew.log. Remember to replace with your domain as before.

Once again, that’s it!

Now you have a HTTPS-enabled domain, that automatically renews its certificate when needed. Fire and forget ;)