Create an A record with <yourdomain> pointing to your server’s public IP address.
Create an A record with www.<yourdomain> pointing to your server’s public IP address.
Depending on the speed of your provider, replication of these changes to the global DNS roots may take some time to complete.
sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-apache
DNS replication from above must be complete and verified before progressing. I recommend running a simple ping <yourdomain> to see if it returns the public IP of your server. Once it does, continue.
sudo certbot –apache -d <your domain> -d www.<yourdomain>
Fill out the field as prompted through the wizard. If everything is set properly, the HTTPS certificate will be created.
I recommend redirecting HTTP to HTTPS because, why not?
Verify automated certificate renewal is working:
sudo certbot renew –dry-run
If everything completes without errors, we’re done and the certificate is in-place!