Dokumentation

English

Deutsch

English

Deutsch

Appearance

Install Certbot ​

Instructions for installing Certbot for Apache2 and Nginx on a root server.

With Certbot you can set up free TLS/SSL certificates from Let's Encrypt.

  1. Update system

First update the system of your root server. Open the console and enter the following command:

apt update && apt upgrade -y
apt update && apt upgrade -y
  1. Install Snap

Install Snap by entering the following commands in the console:

sudo apt install snapd
sudo snap install core
sudo snap refresh core
sudo apt install snapd
sudo snap install core
sudo snap refresh core
  1. install Certbot
sudo snap install --classic certbot
sudo snap install --classic certbot
  1. make Certbot command available
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
  1. use Certbot
  • For Apache2:
sudo certbot --apache
sudo certbot --apache
  • For Nginx:
sudo certbot --nginx
sudo certbot --nginx
  1. Check certificates
  • You can find certificates under:
/etc/letsencrypt/live/<your-domain>/
/etc/letsencrypt/live/<your-domain>/
  • Show status:
sudo certbot certificates
sudo certbot certificates
  1. Check automatic renewal

Certbot automatically creates a cronjob. You can use the following command to test whether the automatic renewal works correctly:

sudo certbot renew --dry-run
sudo certbot renew --dry-run

Certbot via APT ​

⚠️ Note

This method often installs outdated versions. Only use it if snap is not possible.

  1. Update system

First update the system of your root server. Open the console and enter the following command:

apt update && apt upgrade -y
apt update && apt upgrade -y
  1. install Certbot
  • For Apache2:
sudo apt install certbot python3-certbot-apache
sudo apt install certbot python3-certbot-apache
  • For Nginx:
sudo apt install certbot python3-certbot-nginx
sudo apt install certbot python3-certbot-nginx
  1. use Certbot
  • For Apache2:
sudo certbot --apache
sudo certbot --apache
  • For Nginx:
sudo certbot --nginx
sudo certbot --nginx
  1. Check certificates
  • You can find certificates under:
/etc/letsencrypt/live/<your-domain>/
/etc/letsencrypt/live/<your-domain>/
  • Show status:
sudo certbot certificates
sudo certbot certificates
  1. Check automatic renewal

Certbot automatically creates a cronjob. You can use the following command to test whether the automatic renewal works correctly:

sudo certbot renew --dry-run
sudo certbot renew --dry-run

ℹ️ Important

The domain must point to the server (A or AAAA entry), and port 80 (HTTP challenge) must be accessible - otherwise the validation will fail.

© 2016 - 2025 EmeraldHost