SSL Certificates are what is required for securing the data that travels over the internet from your browser to the server. A website owner with an SSL Certificate can configure their server to use the ‘https’ protocol for traffic to and from their website. With that in place, most browsers will indicate to the user that the site is secured by showing a small padlock icon in the browser.
Setting up SSL for your domain can be done easily by setting up your own self-signed certificate. Here are the full instructions for setting up you own self-signed SSL certificate.
1) Install Homebrew
Homebrew is a Package manager for Mac and Linux. It can also work with Windows 10 or higher by using Windows WSL
# on Mac
$ /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"
2) Install Certbot
Once Homebrew is installed you can easily install Certbot with:
# on Mac
brew install certbot
OR
# on Linux
sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository universe
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
3) Generate a SSL Certificate
Then, generate a new certificate as follows:
sudo certbot certonly --manual --preferred-challenges dns
You will be asked to enter the domain (including subdomains you want the certificate for.
Please enter in your domain name(s) (comma and/or space separated) (Enter 'c'
to cancel): yourdomain.com www.yourdomain.com
In the above, I’m specifying to add both the non-www and the www subdomains.
Next Certbot will ask for you to add a DNS txt record for each subdomain you added. You will need to login to your domain registrar and complete the process of adding the requested txt records.
After that, at the command prompt, when you hit ‘Enter’ to continue, you will be given a URL to check that your DNS txt records are confirmed. Do not go any further at your command line until after the changes can be confirmed at the URL provided by Certbot.
Before continuing, verify the record is deployed.
– – – – [a url where you can check will be here ]- –
Press Enter to Continue
This might takes hours so be patient…
Once you can confirm the changes at the url, press ‘Enter’ to to continue.
You will be presented with information similar to the following:
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/yourdomain.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/yourdomain.com/privkey.pem
Your cert will expire on 2022-09-30. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew *all* of your certificates, run
"certbot renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
Your SSL certificate and your private key have been created on your file system at the locations specified.
- Make note of the file paths where that saved your fullchain.pem and privkey.pem. You will be needing that info in order to use the SSL
Conclusion
We used Certbot to generate our LetsEncrypt SSL certificate. The SSL certificate and the full chain were written to our file system. We made note of where they were written so we can use them when we are ready.
Elixm.com 
Leave a comment