$ wget https://dl.eff.org/certbot-auto
$ chmod a+x certbot-auto

$ ./certbot-auto

Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:

$ ./path/to/certbot-auto --apache

If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:

$ ./path/to/certbot-auto --apache certonly

To learn more about how to use Certbot read our documentation.

Automating renewal

Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:

$ ./path/to/certbot-auto renew --dry-run

If that appears to be working correctly, you can arrange for automatic renewal by adding a cronor systemd job which runs the following:

$ ./path/to/certbot-auto renew --quiet

More detailed information and options about renewal can be found in the full documentation.

Note:
         if you're setting up a cron or systemd job, we recommend running it twice per day (it won't do anything until your certificates are due for renewal or revoked, but running it regularly would give your site a chance of staying online in case a Let's Encrypt-initiated revocation happened for some reason). Please select a random minute within the hour for your renewal tasks.