Step-by-step Guide to Installing Let's Encrypt Ssl on a Digitalocean Droplet

Securing your website is essential for protecting user data and building trust. Installing a free SSL certificate from Let's Encrypt on your DigitalOcean droplet is a straightforward process. This guide will walk you through each step to set up SSL for your server.

Prerequisites

• A DigitalOcean droplet with a working web server (Apache or Nginx).
• Root or sudo access to your server.
• A registered domain name pointing to your droplet's IP address.
• Basic knowledge of terminal commands.

Step 1: Connect to Your Droplet

Open your terminal and connect to your droplet via SSH using your server's IP address:

ssh root@your_server_ip

Step 2: Install Certbot

Certbot is the recommended tool for obtaining Let's Encrypt certificates. Install Certbot with the following commands based on your server's OS.

For Ubuntu/Debian

Update package lists and install Certbot:

sudo apt update

sudo apt install certbot python3-certbot-nginx

For CentOS/RHEL

Enable EPEL repository and install Certbot:

sudo yum install epel-release

sudo yum install certbot python3-certbot-nginx

Step 3: Obtain SSL Certificate

Run Certbot to get your SSL certificate. Replace yourdomain.com with your actual domain name.

sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

Follow the prompts to agree to the terms and choose whether to redirect HTTP traffic to HTTPS.

Step 4: Verify the Installation

After the process completes, verify your SSL certificate by visiting https://yourdomain.com. You should see a secure padlock in the browser address bar.

You can also run the following command to check the certificate details:

sudo certbot certificates

Step 5: Set Up Auto-Renewal

Let's Encrypt certificates are valid for 90 days. To automatically renew them, set up a cron job:

sudo crontab -e

Add the following line to run renewal twice daily:

0 0,12 * * * /usr/bin/certbot renew --quiet

Conclusion

Installing Let's Encrypt SSL on your DigitalOcean droplet enhances your website's security and trustworthiness. Regularly check your certificate's status and ensure auto-renewal is functioning correctly to maintain continuous protection.