Some days ago I decided to add some security to my website by enabling HTTPS communication through letsencrypt.

I opted for letsencrypt mainly because it’s free, and second because it’s a really fast and easy process, automated and open (as described on their homepage).

The process to setup HTTPS on your domain is as follows:

• Clone the letsencrypt client repo on your server

git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt

• Request and install a certificate (replace vittoriomonaco.it with your domain)

./letsencrypt-auto --apache -d vittoriomonaco.it

That’s it!

You can now visit your homepage with HTTPS and check that everything worked fine :)

Bonus point: auto renewal

Since letsencrypt is currently in beta, the certificate only lasts 3 months, then you need to renew it. To automate this process, I followed the well written tutorial by DigitalOcean.

The main steps are listed here for convenience:

• Download the renewal script (you can check it our here

curl -L -o /usr/local/sbin/le-renew http://do.co/le-renew
chmod +x /usr/local/sbin/le-renew

• Setup a cronjob that checks whether the certificate needs to be renewed and renews it if needed every week

crontab -e

30 2 * * 1 /usr/local/sbin/le-renew vittoriomonaco.it >> /var/log/le-renew.log

The script runs every Monday at 2.30 am and outputs its log at /var/log/le-renew.log. Remember to replace vittoriomonaco.it with your domain as before.

Once again, that’s it!

Now you have a HTTPS-enabled domain, that automatically renews its certificate when needed. Fire and forget ;)