Let's Encrypt

is a free, automated, and open Certificate Authority.

To enable HTTPS on your website, you need to get a certificate (a type of file) from a Certificate Authority (CA).
Let's Encrypt is a CA. In order to get a certificate for your website’s domain from Let’s Encrypt, you have to demonstrate control over the domain.

We use Certbot for deploying Let's Encrypt certificates
Certbot is an easy-to-use automatic client that fetches and deploys SSL/TLS certificates for your webserver

Prerequisites

• You must have a domain name belonging to you and valid that is pointing to the lip of the server. (Count 24 to 48h after modification of the DNS)
• A valid email address for receive messages from letsencrypt regarding the renewal of your certificate.
• Have installed the server with HiwsT

It is assumed that you want to use "your-domain.xxx" and "www.your-domain.xxx" indiscriminately: both will be certified.

During the deployment of the certificate

If an issue occurs at the execution of the script you will be notified and the parameters already modified will be returned in the previous state, allow you to accede as previously to your sites.

• If webmin is installed, its server is updated to use this certificate.
• If ownCloud is installed, "your-domain.xxx" and "www.your-domain.xxx" will be integrated into the trusted domains of the cloud.
• If ownCloud is subsequently installed its trusted domains will be updated.
• phpMyAdmin, ruTorrent will use this certificate without modification.
• openVpn has its own certificates.

Après le dépoiement du certificat

• You will no longer block your browser as the connection is not safe.
• You will have a nice green padlock in Icon ;)
• A really safer connection!

The lifetime of the certificate is 90 days, a cron job is installed to renew it every 60 days automatically.
Also this task checks every day that your certificate has not been revoked.

So you do not have to worry about renewal.