How to Get Fully Automated Let's Encrypt SSL Renewal (no coding)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey everyone this is tony teaches tech i'm tony and in this video i'm not only going to show you how to set up a free let's encrypt ssl certificate for your website but also show you how to automatically renew that ssl certificate which actually happens to be minimal to no configuration on your part and if you're familiar in the past i did have a video showing you how to set up a job to automatically renew the ssl certificate every three months but in newer versions of let's encrypt or i should say newer versions of certbot which is the way we install the let's encrypt ssl certificate this happens automatically this job is automatically created for you and that is a better solution so let me show you how to do this and let me show you how to check to see if your existing ssl certificate is auto renew capable so here we go we have a website here called like comment subscribe.club and it is only being served over http at this point now i have logged into this server via ssh so the website that you're looking at is at var www.html now that's that's beside the point this is an nginx web server that's important to know i'm going to assume that you have some type of ssh access to your web server whether that's nginx or apache or something else and this tutorial is going to be specific for nginx if you are on another web server you can come to certbot.eff.org instructions and get the specific instructions for whatever software you're working with okay so i'll try to point out along the way where there's difference for you potentially but what we're going to do is go ahead and do an apt update just to make sure we're looking at the latest versions of all the packages out there so go ahead and do that and then we can do an app to install snap d now snap d is the package manager that's going to allow us to install certbot the the modern version of surprise the recommended way to install surplus rather than apt or you know getting it through github so i recommend that you do that if you want the auto renew feature and then after that we can do a snap install core semicolon snap refresh core hit enter and that's just going to make sure snap is ready to go for us and after that we can do a snap install dash dash classic sort bot and that's going to go ahead and grab certbot for us and then finally after that we just have to make our symbolic link which is not always the case but it's good good to try so symbolic link from snap bin certbot to the user bin certbot executable okay so that go ahead that went ahead and made that symbolic link uh now because i am on nginx like i said i'm gonna issue the certificate with cert bot dash dash nginx and if you're on apache or something else you'll have to look up those instructions i do know that apache would just be swapping this out for apache okay so let's do that uh the email address associated with the ssl is going to be tony teaches tech at gmail.com do we agree to the terms and conditions a for agree and then do we want to sign up for the email list no thank you and now this is the domain name that we want to issue the https or we want to issue the ssl certificate for so that looks good that's going to go ahead and grab the certificate for us install it and verify that we actually do own that domain name and it's always good practice to do the redirect in my opinion so i'm going to do two and hit enter that's going to redirect all http traffic to https okay so at this point you have your ssl certificate let's test that out if we go to the website again should redirect us and there we go so we have our ssl certificate it's valid it is um from let's encrypt there we go that was easy now though this i should actually go back here and show you this this ssl certificate expires october 23rd today is july 25th so that's three months from now so the reason the whole point of this video is to if when it expires to make sure that it's going to automatically get a new certificate for you that's going to last another three months and then when that expires same thing happens so indefinitely you're going to not need to come back in here and manually renew the ssl certificate so in order to check that that's the case it and depending on what system you're running this is ubuntu there's one of two ways that i know that this could happen you can check tab cron chad dash l to see what your cron jobs look like and there there is no cron job on this case but that might not be the case for you you might have a crown job with a assert bot job in there to renew the ssl certificate but more likely case for me is system ctl list timers so basically let's make this a little bit bigger uh and minimize that so we can see what we're working with this is a list of all timers on my system and one of these is the serpot timer so this was installed during the process that we just went through uh the certbot timer and the cert bot service so where do these files live on our computer um and we'll look into that but i just want to point out that in nine hours this timer is going to go off okay so let's let's let's look under the hood and see what we're working with here so i know that at etc system d system snap and actually in here we can show you what's in here so these are all of our system files and then if we type in snap star we'll do snap dot cert bot renew star we have the service and the timer that i just pointed out so let's look at each one of those individually let's look at the timer first and basically this timer executes every day that's what these three stars mean every day at 1 37 in the morning and 20 54 in the evening so twice a day it's gonna check it's twice a day it's going to call this service which if you remember that's what we're going to look at next so this is the timer and then let's look at the service what's actually going to happen so certbot.renew.service those two times per day we are going to run whatever happens in exe start which is running snap it's going to be this command snap run there's a timer argument and then cert bot renew so that is our renew logic twice a day to make sure that our ssl certificate never expires so within what was that like a 12 hour 12 to 20 hour period where every every day we're gonna check to see that the cert bot is near expiration and if it is we're gonna issue a new one automatically install that so you really never have to worry about it again guys if you have any questions about this let me know in the comments below check out some of my other videos on ssl certificates here subscribe for more videos like this for me in the future and if you do i will see you in the next one

Info

Channel: Tony Teaches Tech

Views: 16,915

Rating: undefined out of 5

Keywords: free ssl auto renew, ssl for free auto renew, ssl auto renew, auto renew ssl certificate, automatic ssl certificate renewal, renew ssl certificate, ssl renewal, renew let's encrypt ssl certificate, renew ssl let's encrypt, let's encrypt ssl certificate renewal, let's encrypt ssl auto renew

Id: ghZXFyIyK1o

Channel Id: undefined

Length: 7min 56sec (476 seconds)

Published: Thu Oct 07 2021