This article covers method to Secure Apache with Let's Encrypt on Ubuntu 20.04. Let's Encrypt is a certificate authority created by the Internet Security Research Group (ISRG).
It provides free SSL certificates via a fully automated process designed to eliminate manual certificate creation, validation, installation, and renewal.
Certificates issued by Let's Encrypt are valid for 90 days from the issue date and trusted by all major browsers today.
To install Certbot on Ubuntu:
Certbot is a command-line tool that automates the tasks for obtaining and renewing Let’s Encrypt SSL certificates.
The certbot package is included in the default Ubuntu repositories.
Update the packages list and install certbot using the following commands:
$ sudo apt update
$ sudo apt install certbot
Before enabling the configuration files, make sure both mod_ssl and mod_headers are enabled by issuing:
$ sudo a2enmod ssl
$ sudo a2enmod headers
Next, enable the SSL configuration files by running the following commands:
$ sudo a2enconf letsencrypt
$ sudo a2enconf ssl-params
Enable the HTTP/2 module, which will make your sites faster and more robust:
$ sudo a2enmod http2
Reload the Apache configuration for changes to take effect:
$ sudo systemctl reload apache2