Install an SSL Certificate

First check your hostname

hostname

If you need to change it here is the command

sudo hostnamectl set-hostname new-hostname

Let's use Certbot to install a free SSL certificate from Let's Encrypt. First, install Certbot and the Certbot Apache plugin:

sudo apt install -y certbot python3-certbot-apache

Now, run Certbot and follow the prompts to install your certificate:

sudo certbot --apache

Certbot will ask for your email address (for urgent renewal and security notices) and agreement to the Let's Encrypt terms of service. Then it will communicate with the Let's Encrypt server, and if everything goes well, it will obtain a certificate for you.

Certbot will also ask if you want to redirect HTTP traffic to HTTPS. You should choose this option because it's more secure.

Once done, Certbot will automatically configure Apache to use SSL/TLS. You can check your site now using https://

Finally, to ensure that your SSL certificates are automatically renewed before they expire, add a cron job that periodically runs the certbot renew command. Open the crontab file:

sudo crontab -e

And add the following line to the file:

15 3 * * * /usr/bin/certbot renew --quiet

This will run the certbot renew command every day at 3:15 am. The --quiet option tells Certbot not to produce any output unless it fails.

That's it. You have successfully installed an SSL to the site and have a Cron Job for its auto-renewal.