On my home Linux box, I implemented Let’s Encrypt to properly manage secure HTTPs connections. To properly configure it we need to:

• Make the directory /.well-known reachable via HTTP and mapped locally under /var/www/html/.well-known.
• Register a valid email address: certbot update_account --email [email protected].
• Register a new domain: certonly --webroot -w /var/www/html --preferred-challenges http -d www.example.com.
• Display installed certificates: certbot certificates.
• Renew expiring certificates: certbot renew.

Additional notes:

• If we are using DDNS domains, the process can fail because a limited number of certificates are allowed for each domain.