One of my most proud accomplishments of late is finally, after 7 years of [web development](https://hackernoon.com/tagged/web-development), having one of my personal sites be secured with a valid SSL certificate. Now, this may not sound like such a big thing to some more seasoned developers, but to me, it’s kind of a big deal. My wife had to witness me have a nerdgasm afterward, as I tried to explain to her the significance of having an SSL certificate. Mainly it came down to having that satisfying little green lock with the word “Secure” next to it.\n\nNow, anyone who has tried to get an SSL certificate in the past knows that they are a pain in the but to get. There are hundreds of providers and they can be expensive. Unfortunately, for those exact reasons SSL certificates aren’t usually seen as a priority for smaller sites such as personal blogs like this. Thankfully [The Linux Foundation](https://www.linuxfoundation.org/), as well as [a myriad of other supporters](https://letsencrypt.org/sponsors/), have come to the rescue in the form of [Let’s Encrypt](https://letsencrypt.org/).\n\nAccording to Let’s Encrypt’s website:\n\n> Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the [Internet Security Research Group (ISRG)](https://letsencrypt.org/isrg/).\n\nWhat does this mean for us as developers? It simply means that securing your website isn’t just for the big boys anymore. Any developer with a little bit of terminal knowledge can generate and install their very own certificate and get that comforting little “Secure” emblem next to their website’s URL.\n\n#### So, how do I get started?\n\nGetting started with Let’s Encrypt is super fairly easy. First of all, you should know that my primary development machine right now is running [Ubuntu](https://blog.cwatsondev.com/stop-paying-for-ssl-certificates/). Yours might be different and that’s okay. The [Certbot](https://certbot.eff.org/) client works with almost all Unix-based operating systems. Those with Non-Unix systems, such as Windows running Microsoft IIS, aren’t completely out of luck, but my instructions here won’t help. You might try using something like [ACMESharp](https://github.com/ebekker/ACMESharp) instead.\n\nFor Debian-based Linux distributions such as Ubuntu, the process is fairly straightforward. First, you’ll need to open a terminal window. For those that aren’t familiar with the terminal this can be daunting, but fear not! The terminal isn’t as scary as it first appears.\n\nPaste the following commands into the terminal, making sure to respond yes to any prompts.\n\n sudo apt-get install software-properties-common sudo add-apt-repository ppa:certbot/certbot sudo apt-get update\n\nAfter the update has finished, enter the following command. For this example I’m using `nginx`, if you're using `apache` you should install `python-certbot-apache` instead.\n\n sudo apt-get install python-certbot-nginx\n\nOnce the plugin is installed, run the following to generate a cert and automatically add it to your `nginx` configuration file.\n\n certbot --nginx\n\nIt’s also possible to get a little more control when installing your certs. For instance, with this blog I used the `--webroot` flag to have a validation file placed into this site's root in order for Let's Encrypt to verify that this site is mine. The full command I used was:\n\n certbot --webroot -w /var/www/my-blog -d blog.cwatsondev.com -d www.blog.cwatsondev.com\n\nThis installed both certs and then verified that my sites were where I said they were.\n\nFinally, these certificates expire after 90 days, so you will need to renew them often. The easiest way to do that is to run the `certbot renew --dry-run` command. This creates a `cron job` that will auto-renew the certificate for you.\n\nCongratulations! You now have an [SSL](https://hackernoon.com/tagged/ssl) certificate installed! All of the instructions above are also listed on the [Certbot Website](https://certbot.eff.org/) for a myriad of different distros.\n\nThis article is also available on my personal blog at [https://blog.cwatsondev.com](https://blog.cwatsondev.com). Please check it out!\n\nEdit: For people that are wondering about the “super fairly easy”, check out my [blog](https://blog.cwatsondev.com). The original version has a strike through and that didn’t translate here.