The CW Blog

How to Get a Free SSL Certificate Using SSH and a Terminal

Published By
Categorized as For Devs Tagged , , , , ,

If you run a website, having an SSL certificate is essential for security and SEO. Fortunately, you don’t have to pay for one—Let’s Encrypt offers free SSL certificates, and you can install one using SSH and a terminal. In this guide, I’ll show you how to get a free SSL certificate and install it on your server step by step.

Please note that this tutorial may not work on shared hosting plans

Prerequisites

Before we start, ensure you have:

  • A domain name pointing to your server
  • SSH access to your server
  • A Linux-based server (Ubuntu, Debian, CentOS, etc.)
  • A web server (Apache or Nginx)
  • sudo privileges

Step 1: Connect to Your Server via SSH

There are 2 ways you can do this – on a Mac, you can find the terminal in your Applications folder. On Managed Hosting platforms, if you have access to cPanel, the SSH Terminal option will be visible there.

First, open your terminal and connect to your server using SSH:

ssh username@your-server-ip

Replace user with your username and your-server-ip with your server’s actual IP address.

Step 2: Install Certbot

Make sure you backup before updating or installing anything new on your server

Certbot is a tool that automates SSL certificate installation and renewal. Install it by running the appropriate command for your server:

For Ubuntu/Debian:

sudo apt update && sudo apt install certbot

For CentOS:

sudo yum install epel-release -y
sudo yum install certbot -y

Step 3: Install the Certbot Plugin for Your Web Server

If you’re using Apache, install the Certbot Apache plugin:

sudo apt install python3-certbot-apache

For Nginx, install the Nginx plugin:

sudo apt install python3-certbot-nginx

Step 4: Obtain a Free SSL Certificate

Now, run the following command to request an SSL certificate.

For Apache:

sudo certbot --apache

For Nginx:

sudo certbot --nginx

Certbot will either give you a list of domains on your server, or ask for your domain name(s). Enter them as prompted (e.g., example.com and www.example.com).

If your domain is not showing on the outputted list, you can manually specify it like this:
sudo certbot –apache -d yourdomain.com

You’ll also be asked whether you want to redirect HTTP traffic to HTTPS. Choose the redirect option for better security.

Step 5: Verify SSL Installation

Once Certbot completes the process, check your SSL certificate by visiting your website with https://. You can also use the following command to test it:

sudo certbot certificates

Step 6: Set Up Auto-Renewal

Let’s Encrypt certificates expire every 90 days, so it’s crucial to automate the renewal process. Certbot automatically adds a renewal job to your cron jobs, but you can test it manually by running:

sudo certbot renew --dry-run

If there are no errors, your certificate will renew automatically when needed.

Conclusion

That’s it! You’ve successfully installed a free SSL certificate on your server using SSH and a terminal. Your site is now more secure, and your SEO rankings will benefit from having HTTPS enabled.

Need help or have questions? Drop a comment below or get in touch!

Leave a comment

Your email address will not be published. Required fields are marked *