Adding SSL (Well, TLS) to a website has never been easier. I recently started hosting 3 different WordPress sites (this being one of them).
With the use of Let’s Encrypt’s support for SNI I don’t need multiple public IPs… awesome.
I did this on Ubuntu 16.04.3:
sudo apt-get update sudo apt-get install software-properties-common sudo add-apt-repository ppa:certbot/certbot sudo apt-get update sudo apt-get install python-certbot-apache
sudo certbot –apache
(when prompted, added all sites including www.) I did this twice, first time I was using all default sites in apache, this gives the error about unable to determine domain name, when I did it on the vHosts version, it populated the sites automatically.
sudo certbot renew --dry-run
This was just to test the renewal process (that it works).
crontab -e 0 0 * * * certbot renew
On a side note, I did have to go in and in a couple of key places on in WordPress, change the domain to include the https:// rather than http://. If I hadn’t, the encrypted lock has the warning that some of the media (specifically uploaded before the SSL add-on) will permanently have the http:// on the embedded address.