To secure Apache with mod_md and Let’s Encrypt on Ubuntu 20.04 LTS, you can use the following steps:
- Install the necessary dependencies by running the command:
sudo apt install -y apache2 certbot python3-certbot-apache
- Enable the mod_md module by running the command:
sudo a2enmod md
- Create a new directory to store the Let’s Encrypt certificates by running the command:
sudo mkdir /etc/apache2/md
- Create a new virtual host configuration for the domain you want to secure by running the command:
sudo nano /etc/apache2/sites-available/example.com.conf
- Add the following code to the virtual host configuration file, replacing example.com with your domain name:
<VirtualHost *:80>
ServerName example.com
ServerAdmin webmaster@example.com
DocumentRoot /var/www/example.com
<Directory /var/www/example.com>
AllowOverride All
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
- Enable the virtual host by running the command:
sudo a2ensite example.com.conf
- Run the following command to request a certificate and automatically configure Apache with the mod_md module:
sudo certbot --apache -d example.com
- Test your configuration by accessing your domain over HTTPS and verify that the certificate is valid and the connection is secure.
It’s important to note that the above commands are to be run as a user with root privileges. Also, it’s important to keep in mind that the Let’s Encrypt SSL Certificates are valid for only 90 days, so you need to renew them before they expire. You can use the certbot renew command to renew the certificates automatically. It’s a good idea to set up a cron job or systemd timer to renew the certificates automatically.