DEV Community

Cover image for How to create an SSL certificate with Let’s Encrypt
Brian W.
Brian W.

Posted on

How to create an SSL certificate with Let’s Encrypt

In this concise tutorial, I will cover how you can set up a trusted SSL certificate for free with Let’s Encrypt. SSL certificates are crucial for any website, because they encrypt data transmitted between the server and the user’s browser, helping ensure privacy and security. They also validate the website’s security, which can help your website gain trustworthiness.

First, launch your Linux terminal and run the following commands to install and run Certbot, which will allow us to generate a certificate:

sudo apt install snapd; # Only run if you don't have snapd installed
sudo snap install core; sudo snap refresh core; sudo snap install --classic certbot;

certbot certonly --manual;
Enter fullscreen mode Exit fullscreen mode

Once you run the following commands, you will be asked to enter the domain name. Then, you will be prompted to verify your ownership of this domain by serving a file on your website. Follow the instructions to verify your website.

After you successfully verify your domain, Certbot will generate three different .pem files:

  • Private Key (privkey.pem): This file contains the private key, which is kept secret and is used to decrypt data that has been encrypted with the public key.
  • Certificate (cert.pem): This file contains the public key and other identifying information about your website and the Certificate Authority (CA).
  • Certificate Chain (chain.pem): This file contains the intermediate certificates that link your certificate back to the root certificate of the CA.

These files will likely be located in /etc/letsencrypt/live/yourdomain.com, unless otherwise stated by Certbot. You may now use the certificate for your website!

For example, you can use the following code to use your SSL certificates in Node.js:

const privateKey = fs.readFileSync('/etc/letsencrypt/live/yourdomain.com/privkey.pem', 'utf8');
const certificate = fs.readFileSync('/etc/letsencrypt/live/yourdomain.com/cert.pem', 'utf8');
const ca = fs.readFileSync('/etc/letsencrypt/live/yourdomain.com/chain.pem', 'utf8');

const server = https.createServer({ key: privateKey, cert: certificate, ca: ca }, app);
server.listen(443);
Enter fullscreen mode Exit fullscreen mode

Congratulations, you have successfully issued your own SSL certificates for your website! If you found this guide helpful, or have any thoughts, let me know in the comments! Bye for now. 👋

Top comments (0)