Step 1 – Ensure all apt packages are up to date
apt-get update && apt-get upgrade
Step 2 – Install certbot
apt-get -y install certbot
Step 3 – Register a new certificate with certbot and webroot plugin
certbot certonly --webroot --agree-tos --email admin@example.com -d subdomain.example.com -w /var/www/html/
Step 4 – Backup any existing certificates and symlink the new certificates to where the old (usually self signed) ones existed.
mv /var/www/example.com/ssl/certificate.crt /var/www/subdomain.example.com/ssl/certificate.crt.bk
mv /var/www/subdomain.example.com/ssl/privkey.key /var/www/subdomain.example.com/ssl/privkey.key.bk
ln -s /etc/letsencrypt/live/subdomain.example.com/cert.pem /var/www/subdomain.example.com/ssl/certificate.crt
ln -s /etc/letsencrypt/live/subdomain.example.com/privkey.pem /var/www/subdomain.example.com/ssl/privkey.key
Step 5 – Update apache virtual host config to reflect new SSL certificate paths
SSLCertificateFile /var/www/subdomain.example.com/ssl/certificate.crt
SSLCertificateKeyFile /var/www/subdomain.example.com/ssl/privkey.key
Step 6 – Restart apache to begin using the new SSL certificates
systemctl apache2 restart
Great content! Super high-quality! Keep it up! 🙂