LetsEncrypt with an Apache vHost on a Ubuntu 12.04 server

Anyone who has gone through the trouble of setting up a secure website knows what a hassle getting and maintaining a certificate can be. Let’s Encrypt automates away the pain and lets site operators turn on and manage HTTPS with simple commands.
No validation emails, no complicated configuration editing, no expired certificates breaking your website. And of course, because Let’s Encrypt provides certificates for free, no need to arrange payment.

So, here are the steps:
  1. sudo-su-d into root account and enabled the ssl module:
    $ a2enmod ssl
$ service apache2 restart
  2. I installed the letsencrypt client:
    $ git clone https://github.com/letsencrypt/letsencrypt
$ cd letsencrypt
  3. Shut down Apache, then requested a new certificate and started Apache up again.
    $ service apache2 stop
$ ./letsencrypt-auto certonly --standalone --email info@edusoftcenter.com  -d edusoftcenter.com
$ service apache2 start
    Now we have a lovely certificate!
  4. Now went into the config file of virtual host and changed things around a bit. I am sure that it is frowned upon to put two VirtualHost directives with two different ports into one config file, 
    <VirtualHost *:80>
 ServerName edusoftcenter.com
 Redirect "/" "https://edusoftcenter.com/"</VirtualHost>
 
<VirtualHost *:443>
 ServerName example.com
 DocumentRoot "/var/www/edusoft/public"
 DirectoryIndex index.htm
 <Directory /var/www/edusoft/public>
  Options FollowSymLinks
  AllowOverride All
 </Directory>
 SSLEngine on
 SSLCertificateFile /etc/letsencrypt/live/edusoftcenter.com/cert.pem
 SSLCertificateKeyFile /etc/letsencrypt/live/edusoftcenter.com/privkey.pem
 SSLCertificateChainFile /etc/letsencrypt/live/edusoftcenter.com/fullchain.pem
</VirtualHost>
    One more apache restart
    $ service apache2 restart
    and that was it.
  5. As of version 0.4.0, the letsencrypt python client supports a high-level renew subcommand that attempts to renew all of your certs using the same settings that you originally used to obtain them. You can test it out by running:
    letsencrypt renew --dry-run
    which will obtain test certs, and shouldn’t leave any persistent changes on your system. If you like the results, you can run:
    letsencrypt renew
  6. The following command can be used to revoke a particular certificate.
   $ letsencrypt revoke --cert-path example-cert.pem