Run these steps to install the Certbot client.

# cd /usr/ports/security/py-certbot
# make install clean

To request the certificate we need to run the certbot command using one domain as follows. We will be using the standard apache path located at /usr/local/www/apache24/data and then using as the example domain.

# certbot certonly --webroot -w /usr/local/www/apache24/data/ -d

This is an example output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel):

Please read the Terms of Service at You must agree in order to register with the ACME server at

(A)gree/(C)ancel: A

Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about EFF and our work to encrypt the web, protect its users and defend digital rights.

(Y)es/(N)o: N

Obtaining a new certificate
Performing the following challenges:
http-01 challenge for
Using the webroot path /usr/local/www/apache24/data for all unmatched domains.
Waiting for verification...
Cleaning up challenges

- Congratulations! Your certificate and chain have been saved at /usr/local/etc/letsencrypt/live/
Your cert will expire on 2017-10-11. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To
non-interactively renew *all* of your certificates, run "certbot renew" - Your account credentials have been saved in your Certbot
configuration directory at /usr/local/etc/letsencrypt. You should
make a secure backup of this folder now. This configuration
directory will also contain certificates and private keys obtained
by Certbot so making regular backups of this folder is ideal.
- If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let's Encrypt:
Donating to EFF:

The apache and qmail guides have their own way of configuring ssl with certbot.