Cara Install SSL Gratis di Apache Ubuntu Server 20.04 | alvianaufan
Highlights:
Search for:
Mas AL
log in

BLOG IT SYSADMIN

Daftar akun digitalocean untuk mendapatkan free credit 100$.
DigitalOcean Referral Badge
Apache certbot SSL ubuntu

Cara Install SSL Gratis di Apache Ubuntu Server 20.04

By
cara install SSL Gratis di ubuntu server 20.04

Apakah bisa SSL terinstall gratis dan seumur hidup?

Jawabannya bisa, karena sudah ada SSL gratis yang disediakan oleh Provider SSL Lets Encrypt. Caranya gampang, anda perlu install Apache, di Ubuntu Server 20.04 nya dan buat virtual host domain/subdomain anda contohnya disini saya menggunakan subdomain ssl.alvianaufan.my.id.



  1. Buat file .conf untuk setting virtual hostnya: 
    nano /etc/apache2/conf-enable/vhost.conf

    – Lalu masukkan code berikut:

    <VirtualHost *:80>
ServerAdmin webmaster@alvianaufan.my.id
DocumentRoot "/var/www/html"
ServerName ssl.alvianaufan.my.id
ServerAlias www.ssl.alvianaufan.my.id
ErrorLog /etc/apache2/error.log
CustomLog /etc/apache2/access.log common
</VirtualHost>

    – Save dan exit.

  2. Pastikan untuk subdomain ssl.alvianaufan.my.id dan alias www.ssl.alvianaufan.my.id sudah mengarah ke alamat IP Apache Server nya. Bisa setting melalui panel nameserver domain utamanya ya. Contohnya disini saya menggunakan panel nameserver cloudflare:cloudflare ssl alvianaufan
  3. Setelah itu install certbot python3 melalui console server. 
    apt install certbot python3-certbot-apache
  4. Jalankan generate SSL nya menggunakan command certbot: 
    certbot --apache -d ssl.alvianaufan.my.id -d www.ssl.alvianaufan.my.id
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for ssl.alvianaufan.my.id
http-01 challenge for www.ssl.alvianaufan.my.id
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/apache2/conf-enabled/vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/conf-enabled/vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/conf-enabled/vhost-le-ssl.conf

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

Redirecting vhost in /etc/apache2/conf-enabled/vhost.conf to ssl vhost in /etc/apache2/conf-enabled/vhost-le-ssl.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://ssl.alvianaufan.my.id and
https://www.ssl.alvianaufan.my.id

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=ssl.alvianaufan.my.id
https://www.ssllabs.com/ssltest/analyze.html?d=www.ssl.alvianaufan.my.id
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/ssl.alvianaufan.my.id/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/ssl.alvianaufan.my.id/privkey.pem
   Your cert will expire on 2022-04-06. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le
  5. Jika sudah silahkan cek akses subdomain nya melalui browser.ssl success
    – SSL sudah berhasil aktif dan pada keterangan periode aktif nya hanya 3 bulan. Dan setelah 3 Bulan maka certbot akan menjalankan generate SSL baru secara otomatis.
  6. Pastikan status certbot.timer nya aktif, agar auto generate ssl nya dapat berjalan dengan sendirinya. 
    systemctl status certbot.timer
    ● certbot.timer - Run certbot twice daily
     Loaded: loaded (/lib/systemd/system/certbot.timer; enabled; vendor preset: enabled)
     Active: active (waiting) since Tue 2021-12-21 08:12:12 WIB; 2 weeks 2 days ago
    Trigger: Fri 2022-01-07 09:38:38 WIB; 7h left
   Triggers: ● certbot.service

Dec 21 08:12:12 ubuntu-s-1vcpu-2gb-sgp1-01 systemd[1]: Started Run certbot twice daily.

 

Cara install Grafana Loki dengan Docker Compose untuk Monitoring Log
Trending

Cara install Grafana Loki dengan Docker Compose untuk Monitoring Log

Demikian cara install SSL Gratis di Apache, Ubuntu Server 20.04. Silahkan bila ada yang ingin bertanya atau menemui kendala bisa tulis di kolom komentar ya 🙂



Related Posts

3 Comments

Write A Comment