Support Online
MirrorLooking Glass
GenixNodeGenixNode
Client Panel
Skip to main content

Installing Apache and Let's Encrypt SSL on Debian 10

In this guide, **Installation of Apache web server on Debian 10, Virtual Host configuration and Free SSL certificate installation with Let's Encrypt are explained step by step.

Once the installation is complete, your website will provide secure connection via HTTPS.

Prerequisites

Before starting the installation, ensure that the following requirements are met:

  • A server with Debian 10 installed
  • User with authority sudo
  • SSH or terminal access
  • The domain name is directed to the server IP address

System Updates

It is important for the server to be up to date for security and stability.

sudo apt update && sudo apt upgrade -y

Apache Web Server Installation

You can install the Apache package from Debian repositories.

sudo apt install apache2 -y

Check that the Apache service is running:

sudo systemctl status apache2

You can verify that Apache is running by visiting the server IP address from the browser.

http://SUNUCU-IP

Enabling Apache Modules

Some Apache modules are required for SSL and routing operations.

sudo a2enmod rewrite
sudo a2enmod ssl
sudo a2enmod headers

Then restart the Apache service:

sudo systemctl restart apache2

Virtual Host Configuration

Create a Virtual Host file for your domain.

sudo nano /etc/apache2/sites-available/example.com.conf

Example Virtual Host configuration:

<VirtualHost *:80>
    ServerName example.com
    ServerAlias www.example.com

    DocumentRoot /var/www/example.com

    <Directory /var/www/example.com>
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

Enable Virtual Host:

sudo a2ensite example.com.conf
sudo systemctl reload apache2

Let's Encrypt SSL Setup with Certbot

Let's Encrypt offers free and auto-renewable SSL certificates.

Certbot installation:

sudo apt install certbot python3-certbot-apache -y

Creating an SSL certificate:

sudo certbot --apache -d example.com -d www.example.com

Certbot automatically updates the Apache configuration after completing the process.

SSL Auto-Renewal

Let's Encrypt certificates are valid for 90 days and are automatically renewed by Certbot.

To test the refresh process:

sudo certbot renew --dry-run

HTTP → HTTPS Redirect

Redirecting all HTTP traffic to HTTPS is recommended for security purposes.

You can add the following rules in VirtualHost:

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R=301,L]

Firewall Settings

If UFW or Firewalld is active on the server, HTTP and HTTPS ports must be open.

For UFW:

sudo ufw allow 'Apache Full'

For Firewalld:

sudo firewall-cmd --add-service=http --permanent
sudo firewall-cmd --add-service=https --permanent
sudo firewall-cmd --reload

Testing SSL Configuration

Check Apache configuration:

sudo apache2ctl configtest

To test SSL connection, visit:

https://example.com

Frequently Asked Questions

How long is the Let's Encrypt certificate valid?

Let's Encrypt certificates are valid for 90 days and are automatically renewed by Certbot.

How does Certbot auto-renewal work?

Certbot renews certificates before they expire by creating a cron job or systemd timer in the system.

Is HTTPS redirect mandatory?

It is not mandatory but recommended for security and SEO reasons.

Result

In this guide:

Installed Apache on Debian 10 Virtual Host configured Let's Encrypt SSL certificate created HTTPS redirection set

Now your website is ready to publish securely over HTTPS.

You can implement this setup on GenixNode servers in minutes.