How to install Certbot on Ubuntu 20.04

In this article we will install Certbot from Let’s encrypt and get a certificate on Ubuntu 20.04 including how to renew and delete them.

In today’s online world, SSL is a must for every website. Users with personal websites or blogs may be unable to purchase certificates for various reasons. That’s where Let’s Encrypt comes in, providing certificates that are valid for three months for free and can be renewed afterward.

If you are using another version of Ubuntu, such as 22.04 LTS, the steps remain the same for that version as well.


Certbot recommends using snap --classic instead of just snap. The deb package is currently outdated, limiting the available options. The following command will install Certbot on Ubuntu via snap. If snap is not yet installed, simply run apt install snapd.

snap install certbot --classic

Get a certificate

You will be asked some basic questions for the first time, such as providing an email address, etc.

To obtain only a certificate without a web root.

certbot certonly -d DOAMIN.COM 

To obtain a certificate with a web root, you can make changes accordingly, such as adjusting your web path.

certbot certonly --webroot -w /var/www/html -d DOAMIN.COM

If you are testing a website, you can obtain a staging certificate, which can later be upgraded to production by running the above command.

certbot certonly --test-cert --webroot -w /var/www/html -d DOAMIN.COM


If you have obtained a certificate for a web root, Certbot will likely schedule an automatic renewal for you. Please read the final lines once the certificate is retrieved by Certbot.

To renew a certificate, you have two options. The choice of which option to use is up to you.

Option 1: Cron

Cron job commands are, to list crontab -l, to edit crontab -e

Run cron job everyday at 4.30AM.

30 04 * * * certbot renew

Option 2: Certbot hook

To automatically renew the certificates, add this line to /etc/periodic.conf.


Delete a certificate

To delete a certificate, you no longer need to manually remove directories like live, archive, renew, etc. Just run the following command, and you’re good to go.

certbot delete --cert-name DOMAIN.COM