How to Install LetsEncrypt Trusted SSL Certificates on VestaCP
This tutorial will walk you through the process of installing LetsEncrypt free trusted SSL certificate on VestaCP hosted at DigitalOcean.
What is an SSL? SSL stands for Secure Socket Layer and its main purpose is to protect your sensitive information as it travels across the internet. By adding SSL to your website, your business will gain more trust from your customers as it kept all sensitive information safe from hackers.
Thank LetsEncrypt, they are offering free trusted certificates for websites. This tutorial will guide you how to install a free trusted certificate from LetsEncrypt on a VestaCP server.
Below is the information about our server configuration that hosted with a minimal server specification at DigitalOcean:
|OS||Ubuntu 15.10 x64|
|VestaCP Web Server||Nginx with Apache|
Before you can obtain free certificates from LetsEncrypt, you will need to install the LetsEncrypt Client on your server first. On your computer, use any software or terminal to connect to your server and proceed the following steps:
Step 1: clone the installation script
Run the following command to download LetsEncrypt installation script on to your server
$ sudo git clone https://github.com/letsencrypt/letsencrypt /opt/share/letencrypt
Step 2: Install all LetsEncrypt’s dependencies
letsencrypt-auto script resides in
/opt/share/letsencrypt/ will installs all of its own dependencies and updates the client code automatically.
$ sudo /opt/share/letsencrypt/letsencrypt-auto --help
It will take a few minutes to download and install all dependencies. We use
--help parameter here in order to prevent the script from displaying HTTPS Activation wizard because we will manually generate a certificate for a specific domain later.
Generate Certificate for your Website
After you have properly installed LetsEncrypt, now you can generate the certificate for any websites on your server. Here, we will generate a certificate for our website named domain.com.
Note: make sure that you have already add mydomain.com to VestaCP and point mydomain.com and www.mydomain.com to your VestaCP server correctly.
Run the following command to generate a certificate for mydomain.com:
$ /opt/share/letsencrypt/letsencrypt certonly --webroot -w /home/admin/web/mydomain.com/public_html/ -d mydomain.com -d www.mydomain.com
Next, you will ask to enter an Email Address for key recovery:
Agree to the LetsEncrypt Terms of Service.
Now, it will generate 4 files under
/etc/letsencrypt/live/mydomain.com as below:
- cert.perm – will be used for SSL Certificate
- chain.perm – will be used for SSL Certificate Authority / Intermediate
- privkey.perm – will be used for SSL Key
Applying the Certificate on VestaCP
You have already generated all certificate information, now it’s time to apply the certificate to your website. To do so, you need to log into your VestaCP > WEB and click on EDIT
Next, you will need to copy the content of the three generated certificates file by using
cat command and paste them on to below textbox. Example:
$ cat /etc/letsencrypt/live/mydomain.com/cert.perm $ cat /etc/letencrypt/live/mydomain.com/privkey.perm $ cat /etc/letencrypt/live/mydomain.com/chain.perm
Access Your Website with HTTPS
After you finishing apply certificate information to your website, now it’s time to test your secure connection via HTTPS. Open up your favorite browser and type your domain name with https protocol as below:
If you get the result as the picture above, it means that you have successfully installed a FREE certificate for your website.