In this article we will install certbot from Let’s encrypt and get a certificate on Ubuntu 20.04 including how to renew and delete them.
In today’s online world, SSL is must for every website. Users who have personal websites, blogs can’t afford to buy certificates for different reasons. That’s where Let’s encrypt comes in which provide certificates valid for 3 months for free and can be renewed afterwards.
Certbot recommend to use
snap --classic instead of just snap. The deb package currently is outdated so there are limited options. The following command will install certbot on Ubuntu 20.04 LTS.
snap install certbot --classic
To get only a certificate without web root. Some basic questions will be asked for the first time, like to provide email etc.
certbot certonly -d DOAMIN.COM
To get a certificate with web root. You can change things accordingly e.g, your web path.
certbot certonly --webroot -w /var/www/html -d DOAMIN.COM
If you are testing a website you can get a staging certificate which later you can upgrade to production by running the above command.
certbot certonly --test-cert --webroot -w /var/www/html -d DOAMIN.COM
If you have acquired a certificate for web root, chances are that certbot will schedule a renewal for you automatically. Read the last lines once certificate is retrieved by certbot.
To renew a certificate, there are two options. Which one you would implement or use is up to you.
Cron job commands are, to list
crontab -l, to edit
Run cron job everyday at 4.30AM.
30 04 * * * certbot renew
To automatically renew the certificates, add this line to
To delete a certificate you don’t need to remove directories like
live/archive/renew etc anymore manually, just run the following command and you are good to go.
certbot delete --cert-name DOMAIN.COM