How to Install Apache web server with Let’s Encrypt SSL on Ubuntu

Apache is a free, open source and one of the most popular web servers developed and maintained by the Apache Software Foundation. It can be installed on all common operating systems such as Linux, Windows, macOS, Solaris, etc. It is customizable and can be integrated with other modules. It is fast, secure, reliable and is used for simple static or incredibly dynamic websites. Apache offers very useful features such as loadable dynamic modules, automatic indexing, IPv6 compatibility, Gzip compression, load balancing, URL rewriting and much more.

In this article, we will show you how to install the Apache web server with Let's Encrypt on Ubuntu 22.04.

Requirements

• A server running Ubuntu 22.04.
• A valid domain name that points to the IP of your server.
• A root password is configured on the server.

Install Apache on Ubuntu 22.04

By default, the Apache web server package is included in the Ubuntu 22.04 default repository. You can install it with the following command:

apt install apache2 -y

After the successful installation, start the Apache service and activate it with the following command so that it is started when the system is restarted:

systemctl start apache2
systemctl enable apache2

To check the status of Apache, run the following command:

systemctl status apache2

You should get the following output:

? apache2.service - The Apache HTTP Server
     Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2022-05-12 15:18:01 UTC; 55s ago
       Docs: https://httpd.apache.org/docs/2.4/
   Main PID: 919 (apache2)
      Tasks: 55 (limit: 2292)
     Memory: 5.3M
        CPU: 56ms
     CGroup: /system.slice/apache2.service
             ??919 /usr/sbin/apache2 -k start
             ??921 /usr/sbin/apache2 -k start
             ??922 /usr/sbin/apache2 -k start

May 12 15:18:01 ubuntu systemd[1]: Starting The Apache HTTP Server...

Install UFW firewall

By default, the UFW firewall is not installed on the Ubuntu 22.04 server. You can install it by executing the following command:

apt install ufw -y

Once the UFW firewall is installed, list all applications with the following command:

ufw app list

The following output will give you a list of all available applications in the UFW:

Available applications:
  Apache
  Apache Full
  Apache Secure
  OpenSSH

Now allow the Apache service and the OpenSSH service completely with the following command:

ufw allow 'Apache Full'
ufw allow OpenSSH

Now activate the UFW firewall so that it starts after the system reboot:

ufw enable

Next, check the status of the UFW firewall with the following command:

ufw status

You should see the following output:

Status: active

To                         Action      From
--                         ------      ----
Apache Full                ALLOW       Anywhere                  
OpenSSH                    ALLOW       Anywhere                  
Apache Full (v6)           ALLOW       Anywhere (v6)             
OpenSSH (v6)               ALLOW       Anywhere (v6)             

Now open your web browser and access the Apache web server test page via the URL http://your-server-ip. You should see the Apache test page on the following screen:

When you're done, you can proceed to the next step.

Configure Apache Virtual Host

Apache offers virtual hosting features that allow you to host multiple websites on a single server. In this section, we'll show you how to set up an Apache virtual host on Ubuntu 22.04.

Create a directory for Apache Virtual Host

First, you need to create a directory for your website. We'll create a directory for a website called test.example.com.

mkdir -p /var/www/html/test.example.com

Next, use the command below to change the ownership of the created directory to the www-data user and group:

chown -R www-data:www-data /var/www/html/test.example.com

Next, use the following command to create a simple HTML page for your website:

nano /var/www/html/test.example.com/index.html

Paste the following code:

<html>
 <head>
  <title>Welcome to test.example.com</title>
 </head>
 <body>
   <h1>Success!  Apache virtual host is working! </h1>
 </body>
</html>

Save and close the file when you're done.

Create an Apache Virtual Host configuration file

Next, you'll need to create an Apache Virtual Host configuration to host the test.example.com website. You can create it with the following command:

nano /etc/apache2/sites-available/test.example.com.conf

Paste the following lines:

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    ServerName test.example.com
    DocumentRoot /var/www/html/test.example.com
    DirectoryIndex index.html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Save and close the file when you're done, and activate the Apache virtual host with the following command:

a2ensite test.example.com.conf

Then restart the Apache service to apply the configuration changes:

systemctl restart apache2

You can also check the Apache status with the following command:

systemctl status apache2

Now open your web browser and check your website with the URL http://test.example.com. You should see the index.html page on the following screen:

Once you're done, you can secure the website with Let's Encrypt SSL.

Secure Apache web server with Let's Encrypt SSL

By default, the Apache web server is not secured. Therefore, it is a good idea to install Let's Encrypt SSL to secure the communication.

First install the Certbot client package to manage the SSL certificate:

apt install certbot python3-certbot-apache -y

Once Certbot is installed, run the following command to install and configure Let's Encrypt SSL for your website.

certbot --apache

You will be asked to enter your email address:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices)
 (Enter 'c' to cancel): hitjethva@gmail.com

Enter your valid email address and press enter. You will be asked if you accept the terms of use:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y

Type Y and press enter. You will be asked if you want to share your e-mail address:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: N

Type N and press enter. You will be asked to select the domain for which you want to enable HTTPS:

Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: test.example.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 

Press Enter to select your domain and start the installation. Once Let's Encrypt SSL is installed and configured, you will receive the following output:

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/test.example.com/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/test.example.com/privkey.pem
This certificate expires on 2022-08-11.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

Deploying certificate
Successfully deployed certificate for test.example.com to /etc/apache2/sites-available/test.example.com-le-ssl.conf
Successfully deployed certificate for www.test.example.com.com to /etc/apache2/sites-available/test.example.com-le-ssl.conf
Congratulations! You have successfully enabled HTTPS on https:/test.example.com and https://www.test.example.com.com

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
 * Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
 * Donating to EFF:                    https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

You can now securely access your website by using the URL https://test.example.com.

Conclusion

Congratulations! You have successfully installed the Apache web server with Let's Encrypt SSL on Ubuntu 22.04. You can now start hosting your application with the Apache web server.