This is a short tutorial on how to setup a Let’s Encrypt cerificate on your website if you are hosting it through VestaCP. If you are not familiar, Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG). You can grab a free digital certificate and enable SSL/TLS on your website for improved security and privacy.
First, login to your server through SSH as root and go to your local user directory:
Download the required files:
git clone https://github.com/letsencrypt/letsencrypt.git
git clone https://github.com/interbrite/letsencrypt-vesta.git
Create the webroot directory where Let’s encrypt will write the files required for domain verification:
Symlink the Apache conf file to enable proper serving of the validation files:
ln-s /usr/local/letsencrypt-vesta/letsencrypt.conf /etc/apache2/conf.d/letsencrypt.conf
Symlink letsencrypt-auto and letsencrypt-vesta:
Restart the apache service:
service apache2 restart
Now, the final part is to install the SSL certificate to your website by entering the following command (username is your vestacp username, and yourwebsite.com is the website you want to install the SSL certificate to):
letsencrypt-vesta username yourwebsite.com
Because Let’s Encrypt certificates expire after 90 days, it is recommended that you re-enter the last command to renew your certificate.