How to Install SSL on a VPS (Step-by-Step)
Installing an SSL certificate on your VPS secures your website by encrypting data between the server and your visitors. Below is a step-by-step guide for installing an SSL certificate on a VPS using Let’s Encrypt with Apache. (You can adapt similar steps for Nginx.)
1. Prepare Your VPS Environment
a. Update Your System
Open your terminal and log in to your VPS via SSH:
ssh root@your-vps-ip
Then, update your package lists and upgrade installed packages:
sudo apt update && sudo apt upgrade -y # For Ubuntu/Debian
For CentOS/AlmaLinux, use:
sudo yum update -y
b. Install Apache (if not already installed)
For Ubuntu/Debian:
sudo apt install apache2 -y
For CentOS/AlmaLinux:
sudo yum install httpd -y
sudo systemctl start httpd && sudo systemctl enable httpd
2. Install Certbot
Certbot is a free, open-source tool to obtain and renew Let’s Encrypt SSL certificates.
a. Install Certbot on Ubuntu/Debian:
sudo apt install certbot python3-certbot-apache -y
b. Install Certbot on CentOS/AlmaLinux:
sudo yum install epel-release -y
sudo yum install certbot python2-certbot-apache -y
Note: Adjust package names if using newer versions or different distributions.
3. Obtain Your SSL Certificate
a. Run Certbot for Apache:
Execute Certbot with the Apache plugin:
sudo certbot --apache
b. Follow the Prompts:
- Enter Your Email Address:
This is used for urgent notices and renewal reminders. - Agree to the Terms of Service:
Confirm that you agree to Let’s Encrypt’s terms. - Select Your Domain:
Certbot will automatically detect your domain names from your Apache configuration. Select the ones you want to secure.
Certbot will then communicate with Let’s Encrypt, obtain your certificate, and automatically update your Apache configuration to use HTTPS.
4. Verify the Installation
a. Test Your Website
Visit your website using https://yourdomain.com
and check that the SSL padlock icon appears in your browser’s address bar.
b. Check Certificate Details
You can use online tools such as SSL Labs’ SSL Test to verify that your certificate is correctly installed and configured.
5. Set Up Auto-Renewal
Let’s Encrypt certificates are valid for 90 days. Certbot automatically sets up a cron job or systemd timer to renew the certificate before expiration.
a. Test Renewal Process:
Run a dry-run to ensure renewal works:
sudo certbot renew --dry-run
Final Thoughts
By following these steps, you’ve successfully installed an SSL certificate on your VPS using Let’s Encrypt and Apache. Your website now benefits from enhanced security and improved SEO. Remember to monitor your certificate’s expiration and ensure auto-renewal is working correctly.
Ready to secure your website? Follow these steps and enjoy a safer, HTTPS-enabled web presence!