So you have setup your Raspberry Pi and got LAMP (Linux, Apach2, MySQL, PHP) running. This means you more then likely have a small website of some sort running, either for local use or external use. Well if you are using it for external use so others can see it outside of your network, you may want to setup SSL. For this little side project I am going to use the community Pi-Box and Let’sEncrypt.
Setting up CertBot
First you will want to update your packages list and check for any system updates.
sudo apt update
if their are available updates you will then want to proceed to update your system.
sudo apt dist-upgrade
Apache Certbot plugin
This will install the Certbot’s apache plugin to get certbot to correctly work with apache when trying to get your SSL certificate.
sudo apt install python-certbot-apache
Installing Certbot Itself
What’s the use of installing a plugin for Certbot if you don’t have or use Certbot? Certbot is what we use to get our SSL certificate setup with Let’sEncrypt and is a great help since it and Let’sEncrypt is both free.
sudo apt install certbot
Setup the SSL Certificate (Finally)
Alright, now it is time to officially accept the SSL certificate and standard for Pi-Box’s website.
sudo certbot --apache
This should setup your certificate IF the challenge doesn’t error out with
If Error Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.
In my case it did so to fix this you will run the below command instead
sudo certbot --authenticator standalone --installer apache -d <domain> --pre-hook "systemctl stop apache2" --post-hook "systemctl start apache2"
Just follow it’s prompts as you did in
sudo certbot --apache and visit your domain with https instead of http. It’s also worth using the secure option when promted which will redirect all traffic to https.