Let’s Encrypt is a Certificate Authority (CA) that facilitates obtaining and installing free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers.
It simplifies the process by providing a software client, Certbot, that attempts to automate most (if not all) of the required steps. Currently, the entire process of obtaining and installing a certificate is fully automated on Apache.


Installing Certbot

sudo apt install certbot python3-certbot-apache

Allowing HTTPS Through the Firewall

sudo ufw allow 'Apache Full'
sudo ufw delete allow 'Apache'

Obtaining an SSL Certificate

sudo certbot --apache

This script will prompt you to answer a series of questions in order to configure your SSL certificate.

Verifying Certbot Auto-Renewal

sudo systemctl status certbot.timer

Test the renewal process

sudo certbot renew --dry-run