What you'll find in this article
Let's start by looking at what SSL certificates are, and why the HTTPS protocol is important.
Finally, we'll look at how to get a free certificate and how to implement HTTPS in our web projects.
What is SSL and HTTPS
SSL
A SSL certificate (Secure Sockets Layer) is a digital file that serves to encrypt communication between a browser (client) and a web server.
It guarantees three main things:
- 🔒 Confidentiality — data travels encrypted.
- ✅ Authenticity — the browser can verify that the site is really who it claims to be.
- 🛡️ Integrity — prevents information from being altered in transit.
https
The HTTPS protocol (HyperText Transfer Protocol Secure) is the secure version of HTTP, y uses SSL/TLS to encrypt The connections.
Prior to its adoption, all web traffic was HTTP, and therefore unencrypted.
This meant that anyone in the connection path (e.g., on a public network or an ISP) could:
- 📡 Read data: passwords, forms, cookies, etc.
- ✍️ Modify content: Inject malicious scripts or ads.
- 🎭 Spoofing servers (phishing or MITM): An attacker could impersonate the original site.
👉 In other words, all sites were exposed, and SSL/HTTPS was born precisely to protect the integrity and confidentiality of the web.
TLS
SSL was the Encryption protocol original created by Netscape in the 90s to encrypt web communication.
However,, SSL was deprecated and replaced by TLS (Transport Layer Security), its improved version.
💡 Nowadays, when we say "SSL certificate", it's actually almost always a TLS certificate, it's just that the term SSL is kept out of habit.
It's easy to identify in the address bar:
http://programacionymas.com ❌ inseguro
https://programacionymas.com ✅ usa certificado SSL/TLS
Summary
Here is the clear difference:
- HTTPS ✅ is the Communication Protocol (a secure version of HTTP).
- SSL/TLS 🔒 is the Encryption protocol that HTTPS uses internally to secure that communication.
- The SSL 📄 certificate is the digital file that allows you to use SSL/TLS.
Get a free certificate
Today we're going to get a free SSL certificate from Let's Encrypt using Certbot.
To give you a little more context:
- Let's Encrypt → This is the certificate authority (CA) that issues free SSL/TLS certificates. It is the service that validates that you own the domain and signs the certificate.
- Certbot → It is a tool created by the Electronic Frontier Foundation (EFF) to facilitate the obtainment, installation and renewal of these certificates.
Let's take a step-by-step look at how to get the certificate and install it.
Note: The commands in this guide are for Ubuntu/Debian distributions.
Step 0: Before
Before the changes, the situation looks like this:
This is because browsers mark sites without HTTPS as unsecured.
For this guide, we're going to work with this domain as an example.
Step 1: Install Certbot
This command installs Certbot and its plug-in for Apache:
sudo apt install certbot python3-certbot-apache
certbot: request and manage Let's Encrypt certificates.python3-certbot-apache: plugin that allows Certbot to automatically configure Apache (edit VirtualHosts, enable HTTPS).
Step 2: Prepare your VirtualHost
A VirtualHost is a configuration on your web server (such as Apache).
Each VirtualHost can have its own domain, file directory, SSL certificates, logs, etc.
On Ubuntu, Apache VirtualHosts are located in:
/etc/apache2/sites-available/
You can head over to this folder and list the files to confirm which one is associated with your domain.
On some occasions an additional configuration file has not been created, but the default one is used.
What you need to do is modify the configuration file:
sudo nano /etc/apache2/sites-available/000-default.conf
And to ensure that both ServerName as ServerAlias are declared.
If you can't find them, you can add them, this way:
<VirtualHost *:80>
ServerName theclosetcodeluxe.net
ServerAlias www.theclosetcodeluxe.net
## ...
</VirtualHost>
Then you save the changes and reload Apache:
sudo systemctl reload apache2
Step 3: Run Certbot
Now issue your SSL certificate with this command:
sudo certbot --apache -d tu-dominio.com -d www.tu-dominio.com
You must replace the domain 2 times. And you can also use .net or a different ending:
sudo certbot --apache -d theclosetcodeluxe.net -d www.theclosetcodeluxe.net
As soon as you run the command:
- Certbot will ask you for an email
- You must accept the terms and conditions by typing Y (for Yes) and pressing ENTER
Completing this, Certbot will proceed to:
- Create
/etc/apache2/sites-available/000-default-le-ssl.conf - Enable HTTPS
If everything went well, you'll see a message like the following:
Requesting a certificate for theclosetcodeluxe.net and www.theclosetcodeluxe.net
And finally:
Successfully received certificate.
Congratulations! You have successfully enabled HTTPS on https://theclosetcodeluxe.net and https://www.theclosetcodeluxe.net
Step 4: Verify renewal
With this command we can verify that the renewal of the certificate will occur successfully:
sudo certbot renew --dry-run
After running it, within a few seconds you should see a message like the following:
Congratulations, all simulated renewals succeeded
Step 5: Final Result
Finally visit your domain, and you should see that it is already protected by a padlock:
Bonus
While your site is already accessible using https, It is also still accessible using http (Insecure protocol).
This can be confusing for people who visit your site.
Therefore, the ideal is to redirect the visits you receive as http towards https.
In this article I explain How to redirect your domain to use HTTPS.
Conclusion
As you can see, it is important to have SSL encryption (and enable the HTTPS protocol) so that your site is secure.
If this guide has been helpful to you.
Also, remember that any question is welcome.