Installing Certbot on Raspbian Jessie Lite for deploying Let’s Encrypt certificates

Certbot + Raspbian logo

Let's Encrypt is an awesome open certificate authority that give digital certificates for free. The introduction of Let's Encrypt had given ordinary folks like me the ability to host their own website that browsers will mark as secured - without paying hefty fees. Matching Let's Encrypt with Raspberry Pi, we can easily deploy secure applications at home to serve clients anytime, anywhere.

The issuance of digital certificates is automated by software using the ACME protocol. We will need to run such a software on the devices which are going to serve as web hosts which speak HTTPS. Let's Encrypt recommends that people with shell access use the Certbot ACME client to request for Let's Encrypt certificates.

Since I had recently setup a reverse proxy server with nginx, Raspbian Jessie Lite and Raspberry Pi 3 with the shell terminal, I continue on to install Certbot on the Raspbian Jessie Lite operating system for deploying Let's Encrypt certificates for my reverse proxy server to serve HTTPS traffic on behalf of future upstream servers.

Building your reverse proxy server with nginx, Raspbian Jessie Lite and Raspberry Pi 3

If you do not have a copy of Raspbian Jessie Lite on a Raspberry Pi, you may want to follow my previous article on how to build your reverse proxy server with nginx, Raspbian Jessie Lite and Raspberry Pi 3.

Installing Certbot

Since Raspbian Jessie Lite is based on Debian Jessie, we will follow the instructions for installing Certbot on Debian Jessie.

We first add backports to /etc/apt/sources.list:

sudo sed -i "$ a\deb http://ftp.debian.org/debian jessie-backports main" /etc/apt/sources.list

And run the following commands to install Certbot:

sudo apt-get update
sudo apt-get install certbot -t jessie-backports -y --force-yes

Once the commands complete successfully, we will be able to retrieve digital certificates from Let's Encrypt for our Raspbian Jessie Lite reverse proxy server to serve HTTPS traffic on behalf of future upstream servers.

About Clivant

Clivant a.k.a Chai Heng enjoys composing software and building systems to serve people. He owns techcoil.com and hopes that whatever he had written and built so far had benefited people. All views expressed belongs to him and are not representative of the company that he works/worked for.