Airnode HostingHow to Get Free SSL Certificates for Your Website
What is SSL?
SSL makes your website secure. It shows a green lock in the browser and protects your visitors' data.
SSL certificates make your website use HTTPS instead of HTTP. This is important for security and Google likes it too!
Why Do You Need SSL?
- Keep data safe - Information sent to your website is encrypted
- Build trust - Visitors see a green lock in their browser
- Better Google ranking - Google prefers secure websites
- Required for modern features - Many web apps need HTTPS
Important
You need a domain name (like mywebsite.com) to get an SSL certificate. You cannot get one for just an IP address.
Getting Free SSL with Let's Encrypt
Let's Encrypt gives you free SSL certificates. They work just as well as paid ones!
Step 1: Install Certbot
Certbot is a tool that makes getting SSL certificates very easy.
# For Ubuntu/Debian
sudo apt update
sudo apt install certbot
# For CentOS/RHEL
sudo yum install certbotStep 2: Get Your SSL Certificate
# Replace "yourdomain.com" with your actual domain
sudo certbot certonly --standalone -d yourdomain.comThis command will:
- Check that you own the domain
- Create your SSL certificate
- Save it on your server
Step 3: Set Up Auto-Renewal
SSL certificates expire after 90 days. Let's set up automatic renewal:
# Test the renewal process
sudo certbot renew --dry-run
# Add to crontab to renew automatically
sudo crontab -eAdd this line to the crontab:
0 12 * * * /usr/bin/certbot renew --quietThis will try to renew your certificate every day at noon.
Setting Up SSL with Nginx
If you use Nginx as your web server:
Step 1: Create Nginx Configuration
sudo nano /etc/nginx/sites-available/yourdomain.comStep 2: Add This Configuration
server {
listen 80;
server_name yourdomain.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name yourdomain.com;
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;
root /var/www/html;
index index.html;
}Step 3: Enable the Site
# Create a link to enable the site
sudo ln -s /etc/nginx/sites-available/yourdomain.com /etc/nginx/sites-enabled/
# Test the configuration
sudo nginx -t
# Restart Nginx
sudo systemctl restart nginxSetting Up SSL with Apache
If you use Apache as your web server:
Step 1: Enable SSL Module
sudo a2enmod ssl
sudo systemctl restart apache2Step 2: Create Virtual Host
sudo nano /etc/apache2/sites-available/yourdomain.com.confStep 3: Add This Configuration
<VirtualHost *:80>
ServerName yourdomain.com
Redirect permanent / https://yourdomain.com/
</VirtualHost>
<VirtualHost *:443>
ServerName yourdomain.com
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
<Directory /var/www/html>
AllowOverride All
</Directory>
</VirtualHost>Step 4: Enable the Site
sudo a2ensite yourdomain.com.conf
sudo systemctl restart apache2Testing Your SSL Certificate
After setting everything up, test your SSL:
- Visit your website - Make sure it shows HTTPS
- Check the lock icon - Should be green in your browser
- Test with SSL Labs - Go to https://www.ssllabs.com/ssltest/
Common Problems and Solutions
Problem: "Domain validation failed"
Solution: Make sure your domain points to your server's IP address.
Problem: "Port 80 is already in use"
Solution: Stop your web server temporarily:
sudo systemctl stop nginx # or apache2Problem: Certificate not working
Solution: Check that your web server configuration points to the right certificate files.
Security Tips
- Keep certificates updated - Let's Encrypt auto-renewal handles this
- Use strong SSL settings - Modern web servers do this automatically
- Monitor expiration - Check your certificates regularly
Congratulations!
Your website is now secure with HTTPS! Visitors will see a green lock and their data will be protected.