How to Set Up HTTPS

HTTPS encrypts communication between browsers and your server using SSL/TLS certificates. Let's Encrypt provides free 90-day certificates, and modern tools like Certbot automate the entire setup.

Try SSL/TLS Guide

Overview

HTTPS is no longer optional — Google marks HTTP sites as Not Secure, and HTTPS is required for modern browser features like service workers, geolocation, and secure cookies. Setting up HTTPS is free and automated with Let's Encrypt and Certbot.

Prerequisites

A registered domain name pointing to your server
SSH access to your web server (or a hosting control panel)
Port 80 and 443 open in your firewall

Step-by-Step Instructions

Install Certbot

Certbot is the official Let's Encrypt client. Install it on your server: sudo apt install certbot python3-certbot-nginx # or for Apache: sudo apt install certbot python3-certbot-apache

Obtain a certificate

Run Certbot to automatically obtain and install a certificate: sudo certbot --nginx -d example.com -d www.example.com Certbot automatically configures HTTPS and HTTP-to-HTTPS redirects.

Auto-renew certificates

Let's Encrypt certificates expire after 90 days. Certbot sets up automatic renewal via a systemd timer or cron job: sudo certbot renew --dry-run

Verify your setup

Test your HTTPS configuration using online tools like SSL Labs SSL Server Test. Check for A+ rating.

Common Mistakes to Avoid

Not setting up automatic renewal — expired certificates cause browser security warnings
Including www and non-www as separate domains in the certificate — use both with SAN (Subject Alternative Names)
Using weak cipher suites — prefer TLS 1.3 with AEAD ciphers (AES-GCM, ChaCha20-Poly1305)
Forgetting to redirect HTTP to HTTPS — users may accidentally visit the unencrypted version

Frequently Asked Questions

Is Let's Encrypt really free?

Yes, Let's Encrypt is a free, automated, and open certificate authority run by the Internet Security Research Group (ISRG). Over 300 million websites use it.

What is the difference between DV, OV, and EV certificates?

DV (Domain Validated) — basic encryption, verifies domain ownership only. OV (Organization Validated) — verifies organization identity. EV (Extended Validation) — highest level with green address bar.

Step-by-Step Instructions

Install Certbot

Certbot is the official Let's Encrypt client. Install it on your server: sudo apt install certbot python3-certbot-nginx # or for Apache: sudo apt install certbot python3-certbot-apache

Obtain a certificate

Run Certbot to automatically obtain and install a certificate: sudo certbot --nginx -d example.com -d www.example.com Certbot automatically configures HTTPS and HTTP-to-HTTPS redirects.

Auto-renew certificates

Let's Encrypt certificates expire after 90 days. Certbot sets up automatic renewal via a systemd timer or cron job: sudo certbot renew --dry-run

Verify your setup

Test your HTTPS configuration using online tools like SSL Labs SSL Server Test. Check for A+ rating.

Common Mistakes to Avoid

Not setting up automatic renewal — expired certificates cause browser security warnings

Including www and non-www as separate domains in the certificate — use both with SAN (Subject Alternative Names)

Using weak cipher suites — prefer TLS 1.3 with AEAD ciphers (AES-GCM, ChaCha20-Poly1305)

Forgetting to redirect HTTP to HTTPS — users may accidentally visit the unencrypted version

Frequently Asked Questions

Is Let's Encrypt really free?

Yes, Let's Encrypt is a free, automated, and open certificate authority run by the Internet Security Research Group (ISRG). Over 300 million websites use it.

How to Set Up HTTPS

Overview

Prerequisites

Step-by-Step Instructions

Install Certbot

Obtain a certificate

Auto-renew certificates

Verify your setup

Common Mistakes to Avoid

Related Tools

Frequently Asked Questions

Is Let's Encrypt really free?

What is the difference between DV, OV, and EV certificates?

How to Set Up HTTPS

Overview

Prerequisites

Step-by-Step Instructions

Install Certbot

Obtain a certificate

Auto-renew certificates

Verify your setup

Common Mistakes to Avoid

Related Tools

Frequently Asked Questions

Is Let's Encrypt really free?

What is the difference between DV, OV, and EV certificates?