How to Install Free SSL Certificate Using Certbot and Let's Encrypt (Complete Guide)

Website security is no longer optional. Whether you run a blog, business website, or web application, using HTTPS is essential. Google considers HTTPS as a ranking factor, and modern browsers warn users when a site is not secure.

The good news is that you don’t need to buy expensive SSL certificates. You can get a 100% free SSL certificate using Let's Encrypt and install it easily using Certbot.

In this step-by-step guide, you will learn how to install a free SSL certificate using Certbot on Ubuntu with both Apache and Nginx servers, enable automatic renewal, force HTTPS, and troubleshoot common errors.

---

What Is SSL and Why Is It Important?

SSL (Secure Sockets Layer), now technically known as TLS, encrypts data exchanged between a user’s browser and your server. This prevents attackers from stealing sensitive information such as passwords, forms, or payment details.

Benefits of using SSL:

• Encrypts user data
• Shows HTTPS and padlock icon
• Improves Google SEO ranking
• Builds user trust
• Required for modern browsers and APIs

---

What Is Let's Encrypt?

Let's Encrypt is a free, automated, and open Certificate Authority (CA) that provides SSL certificates trusted by all major browsers. Millions of websites use Let's Encrypt to secure their domains.

Certificates issued by Let's Encrypt are valid for 90 days but can be automatically renewed using Certbot.

---

What Is Certbot?

Certbot is a command-line tool developed by the Electronic Frontier Foundation (EFF). It automates the process of:

• Requesting SSL certificates
• Installing certificates
• Configuring web servers
• Renewing certificates automatically

Certbot works with Apache, Nginx, and many other servers.

---

Prerequisites

Before starting, make sure you have:

• Ubuntu 20.04 / 22.04 server
• Root or sudo access
• Domain name (example.com)
• Domain pointing to server IP
• Apache or Nginx installed

---

Step 1: Update Your Server

sudo apt update
sudo apt upgrade -y

Keeping your server updated ensures compatibility and security.

---

Step 2: Install Certbot

For Apache Server

sudo apt install certbot python3-certbot-apache -y

For Nginx Server

sudo apt install certbot python3-certbot-nginx -y

After installation, verify Certbot:

certbot --version

---

Step 3: Obtain Free SSL Certificate

Apache Users

sudo certbot --apache

Nginx Users

sudo certbot --nginx

Certbot will ask:

• Email address
• Agree to terms
• Select domain
• Redirect HTTP to HTTPS (choose Yes)

Once finished, your SSL certificate will be installed automatically.

---

Step 4: Verify HTTPS

Open browser and visit:

https://yourdomain.com

You should see a padlock icon.

Check certificate info:

sudo certbot certificates

---

Step 5: Test Auto Renewal

Let's Encrypt certificates expire after 90 days. Certbot sets up auto-renewal automatically.

sudo certbot renew --dry-run

If no errors appear, renewal is working correctly.

---

Step 6: Force HTTPS Redirect Manually (Optional)

Apache

sudo nano /etc/apache2/sites-available/000-default.conf

Add:

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Restart Apache:

sudo systemctl restart apache2

Nginx

Inside server block:

server {
    listen 80;
    server_name yourdomain.com;
    return 301 https://$host$request_uri;
}

Restart:

sudo systemctl restart nginx

---

Step 7: Allow Firewall Ports

sudo ufw allow 80
sudo ufw allow 443
sudo ufw reload

---

Check SSL Security Grade

Use SSL Labs test:

https://www.ssllabs.com/ssltest/

Aim for grade A or A+.

---

Common Errors and Solutions

Domain Not Pointing to Server

Ensure your DNS A record points to your server IP.

Port 80 Blocked

sudo ufw allow 80

Too Many Requests Error

Wait one hour and try again.

Certificate Expired

sudo certbot renew

---

Using SSL with Laravel or WordPress

No special configuration needed. After SSL installation:

• Update APP_URL in Laravel .env
• Update Site URL in WordPress settings

APP_URL=https://yourdomain.com

---

Benefits After Installing SSL

• Higher SEO rankings
• Browser trust
• Secure forms
• Better conversions
• Required for payment gateways

---

Best Practices

• Always enable auto-renewal
• Use strong server permissions
• Redirect all HTTP traffic
• Renew test monthly
• Keep server updated

---

Frequently Asked Questions

Is Let's Encrypt trusted?

Yes, trusted by all major browsers.

Does free SSL have limitations?

No encryption limitations.

Can I use multiple domains?

Yes, Certbot supports multi-domain certificates.

Does SSL slow website?

No, HTTPS is optimized and often faster.

---

Conclusion

Installing a free SSL certificate using Certbot and Let's Encrypt is one of the most important steps to secure your website. The entire process takes only a few minutes and provides enterprise-level encryption without any cost.

With automatic renewal, HTTPS redirection, and proper configuration, your website will remain secure, trusted, and SEO-friendly.

Every website owner should enable SSL today.