Documentation

English

Deutsch

English

Deutsch

Appearance

Install Certbot

Instructions for installing Certbot for Apache2 and Nginx on a root server.

With Certbot you can set up free TLS/SSL certificates from Let's Encrypt.

  1. Update system

    First update the system of your root server. Open the console and enter the following command:

    apt update && apt upgrade -y
    apt update && apt upgrade -y

  2. Install Snap

    Install Snap by entering the following commands in the console:

    sudo apt install snapd
sudo snap install core
sudo snap refresh core
    sudo apt install snapd
sudo snap install core
sudo snap refresh core

  3. install Certbot

    sudo snap install --classic certbot
    sudo snap install --classic certbot

  4. make Certbot command available

    sudo ln -s /snap/bin/certbot /usr/bin/certbot
    sudo ln -s /snap/bin/certbot /usr/bin/certbot

  5. use Certbot

    • For Apache2:
    sudo certbot --apache
    sudo certbot --apache
    • For Nginx:
    sudo certbot --nginx
    sudo certbot --nginx

  6. Check certificates

    • You can find certificates under:
    /etc/letsencrypt/live/<your-domain>/
    /etc/letsencrypt/live/<your-domain>/
    • Show status:
    sudo certbot certificates
    sudo certbot certificates

  7. Check automatic renewal

    Certbot automatically creates a cronjob. You can use the following command to test whether the automatic renewal works correctly:

    sudo certbot renew --dry-run
    sudo certbot renew --dry-run

Certbot via APT

⚠️ Note

This method often installs outdated versions. Only use it if snap is not possible.

  1. Update system

    First update the system of your root server. Open the console and enter the following command:

    apt update && apt upgrade -y
    apt update && apt upgrade -y

  2. install Certbot

    • For Apache2:
    sudo apt install certbot python3-certbot-apache
    sudo apt install certbot python3-certbot-apache
    • For Nginx:
    sudo apt install certbot python3-certbot-nginx
    sudo apt install certbot python3-certbot-nginx

  3. use Certbot

    • For Apache2:
    sudo certbot --apache
    sudo certbot --apache
    • For Nginx:
    sudo certbot --nginx
    sudo certbot --nginx

  4. Check certificates

    • You can find certificates under:
    /etc/letsencrypt/live/<your-domain>/
    /etc/letsencrypt/live/<your-domain>/
    • Show status:
    sudo certbot certificates
    sudo certbot certificates

  5. Check automatic renewal

    Certbot automatically creates a cronjob. You can use the following command to test whether the automatic renewal works correctly:

    sudo certbot renew --dry-run
    sudo certbot renew --dry-run

ℹ️ Important

The domain must point to the server (A or AAAA entry), and port 80 (HTTP challenge) must be accessible - otherwise the validation will fail.

© 2016 - 2025 EmeraldHost