using let's encrypt at digital ocean as of sep 26, 2016, i'm still using ubuntu 12.04. hr. sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt sudo service nginx stop cd /opt/letsencrypt sudo ./letsencrypt-auto certonly --standalone (numerous ubuntu packages may be updated) (then a text-based app will start. answer prompts, such as adding domain names.) q. Note that if you want a single cert to work with multiple domain names (e.g. example.com and www.example.com (link is external)), be sure to include all of them. q.. (if successful, the terminal app exits. the following info was displayed to me.) Congratulations! Your certificate and chain have been saved at /etc/letsencrypt/live/soupmode.com/fullchain.pem. Your cert will expire on 2016-12-25. To obtain a new or tweaked version of this certificate in the future, simply run letsencrypt-auto again. To non-interactively renew *all* of your certificates, run "letsencrypt-auto renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le q. The files themselves are placed in a subdirectory in/etc/letsencrypt/archive. However, Let's Encrypt creates symbolic links to the most recent certificate files in the /etc/letsencrypt/live/your_domain_name directory. Because the links will always point to the most recent certificate files, this is the path that you should use to refer to your certificate files. q.. h3. etc https://letsencrypt.org/getting-started/ https://certbot.eff.org/#ubuntuother-nginx https://www.reinisfischer.com/linode-how-secure-nginx-lets-encrypt-ubuntu-1204 https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-14-04