Certbot

Certbot is an open source software tool that facilitates the automatic utilization of Let's Encrypt certificates on manually-managed websites to implement HTTPS. This tool is a product of the Electronic Frontier Foundation (EFF), a San Francisco-based 501(c)3 nonprofit organization committed to safeguarding digital privacy, promoting freedom of speech, and fostering innovation.

As part of EFF's initiative to encrypt the Internet, Certbot plays a significant role in ensuring secure communication over the web. This secure communication is dependent on HTTPS, which necessitates the use of a digital certificate for browsers to authenticate the identity of web servers. Certbot serves as an accessible client that retrieves a certificate from Let's Encrypt, an open certificate authority initiated by the EFF, Mozilla, and other entities, and deploys it to a web server. This tool is particularly useful for those who are familiar with the command line, have an HTTP website that's already online with port 80 open, and manage their website via a dedicated server, virtual private server or cloud-hosted server with ssh access and sudo capabilities.

Certbot's current features include compatibility with multiple web servers such as Apache 2.4+, nginx/0.8.48+, webroot, and standalone, among others through third-party plugins. It generates the private key locally on your system and can communicate with the Let's Encrypt CA or optionally with other ACME compliant services. Certbot is capable of obtaining domain-validated (DV) certificates and revoking certificates. It supports ECDSA (default) and RSA certificate private keys. Additionally, it can optionally install an http to https redirect, enabling your site to run https only. Certbot's operations are fully automated, and it logs configuration changes, which can be reverted if necessary.