How to Set Up a Free SSL Certificate on Your Ubuntu VPS
The Absolute Necessity of HTTPS
Serving your website over HTTP is no longer acceptable. Web browsers prominently mark HTTP sites as "Not Secure," destroying user trust. Additionally, Google uses HTTPS as a ranking signal, penalizing unsecured sites. Fortunately, securing your VPS has never been easier or cheaper thanks to Let's Encrypt, a free, automated, and open certificate authority.
Prerequisites
Before beginning, ensure you have an active Ubuntu VPS, a domain name correctly pointed (via A-records) to your server's public IP address, and an installed web server like NGINX or Apache.
Step 1: Install Certbot
Certbot is the client application that fetches certificates from Let's Encrypt and automatically deploys them to your web server. On Ubuntu, it is recommended to install it via snap.
sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbotStep 2: Obtain and Configure the Certificate
Certbot features incredibly intuitive plugins that completely automate the SSL installation and HTTP-to-HTTPS redirection configurations.
For NGINX:
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.comFor Apache:
sudo certbot --apache -d yourdomain.com -d www.yourdomain.comStep 3: Verify Auto-Renewal
Let's Encrypt certificates are only valid for 90 days. The certbot package automatically installs a systemd timer to renew certificates before they expire. You can test the automatic renewal process with a dry run.
sudo certbot renew --dry-runConclusion
With just a handful of terminal commands, your VPS is securely encrypting traffic, boosting your SEO, and guaranteeing user data privacy. The era of paying hundreds of dollars per year for basic Domain Validated (DV) SSL certificates is officially over.