So, we have a Virtual Private Server (I prefer Digital Ocean) hosting a website or a WordPress blog, and we want to look serious by adding an SSL certificate, so the visitors could use https instead of http.
There are a couple of easy steps to do that. First, I will assume you only have one site on that VPS, so no virtual hosts are set up. First two commands are for installing certbot:
sudo add-apt-repository ppa:certbot/certbot
sudo apt update
sudo apt-get install python-certbot-apache
Next, we will obtain an SSL certificate:
sudo certbot –apache -d example.com -d http://www.example.com
Of course, we need to replace example.com with the actual name of the domain.
Enter your email address, then agree with the Terms of Service.
When asked if we want to redirect all http traffic to https, answer yes by choosing number 2.
Also, when asked about the virtual host, choose the second one (since we don’t have virtual hosts configured), that is the one with our domain name next to it. In my case, the virtual host file was named 000-default-le-ssl.conf
Once the certificate is successfully installed, run this:
sudo certbot renew –dry-run
If we see no errors, then the auto-renewal is enabled.
Now, there is a glitch to this: The browser might show a yellow exclamation mark, like this:
If the website already has images or other internal links on it, the URL’s that points to those images have to be changed to https://path_to_image. Yes, just by adding an s to the link, nothing else. So, it is a better practice to add the certificate before deploying the website or installing WordPress.
If all is done, the browser will give a green light. Like this: