Certbot Glossary

Browser

A browser is the program you use to view websites on the Internet. Firefox, Safari, Internet Explorer, and Chrome are all web browsers. Mobile devices have a web browser app for the same purpose.

Backports

Backports is a feature in some operating systems that provides an option for getting newer versions of software than those that your operating system package manager would otherwise provide you. The installation instructions for Certbot in some environments may ask you to follow instructions for enabling the backports feature on your operating system.

Admin Access

You have administrative access to a server if you are the person who can control that server and perform administrative tasks like installing and removing software or changing the system as a whole. This is often also called “root access.” If you can successfully run “sudo” on a server, you have admin access. This is probably the case if you use a VPS or dedicated server or if someone else has set up the server just for you. It’s probably not the case if you use a shared server or if you can only ever interact with the server via FTP, SFTP, or a control panel interface.

DNS

DNS is the Domain Name System which creates a worldwide directory of domain names, like example.com, certbot.eff.org, community.letsencrypt.org, or millions of others. These domain names can be looked up by Internet users’ software anywhere in the world to learn IP addresses and other technical data that’s used to make connections to servers. DNS is an important part of Internet infrastructure and is operated collectively by hundreds of organizations, including DNS registrars (which let you pay to register your own domain name for your own site) and various DNS providers.

SFTP

SFTP is a more-secure version of FTP.

Firewall

A firewall monitors and controls network traffic on a machine.

Server - Shared Server

A shared server is a server that hosts content or services run by different people on the same machine. A popular version of this is shared hosting, where websites run by different people are provided by the same server that is shared between them.

Certificate

A certificate is a file that mathematically shows browsers or other software that they’ve made an encrypted connection to the site they attempted to connect to.

Let’s Encrypt

Let’s Encrypt is a certificate authority that issues digital certificates free of charge to let people get encrypted HTTPS connections to web sites on the Internet, which are substantially more secure than unencrypted connections. Certbot is a software tool made by the Electronic Frontier Foundation. Certbot is the most popular way for people who run their own web servers to get a Let’s Encrypt certificate, set up HTTPS on the server, and renew the certificate automatically in the future. There are also many other tools and options for people in different situations to get Let’s Encrypt certificates.

SSL/TLS

SSL, aka TLS, is a protocol used to encrypt data sent between two computers. When you browse the web with encryption using HTTPS (instead of HTTP), your web browser is using SSL/TLS to talk to web sites under the hood. Sometimes SSL and TLS are used to distinguish different protocol versions, but for most common purposes they are synonyms.

DNS Record

A DNS record is an entry in a nameserver that tells machines on the Internet some information about the domain. For example, an “A record” describes which IPv4 address a particular domain name should point to.

Cloud Hosting

Cloud hosting can refer to any situation in which your web site is hosted using someone else's infrastructure, typically on servers belonging to a web hosting company. This could be contrasted with a web site that's hosted on your own personal server, such as a physical machine running in your home.

Domain Registrar

A domain registrar is an organization that website operators purchase domains from.

Server - Dedicated Server

A dedicated server is a server that only hosts the contents or services for a single website administrator.

Port 443

Port 443 is the port officially assigned for use with HTTPS. Different Internet services are distinguished by using different TCP port numbers. Unencrypted HTTP normally uses TCP port 80, while encrypted HTTPS normally uses TCP port 443.

IP Address

An IP address is a group of numbers, like 198.51.100.55, that identify a computer on the Internet and allow other computers to talk to it.

Shared Hosting

Shared hosting is a kind of web hosting in which several customers’ web sites are hosted by the same server, which is mainly administered by the web hosting provider. Usually customers administer their own sites on a shared server using a web-based control panel interface. This is less expensive than VPS hosting and often calls for less technical knowledge on the customer’s part; overall, it’s the most popular type of web hosting environment.

Certbot is less suitable for use in most shared hosting environments because it’s usually easier and more reliable to ask the hosting provider to set up HTTPS. (Some shared hosting users use Certbot, most often because their hosting providers are uncooperative or don’t have another way to enable HTTPS support for customer sites.)

Cron Job

A cron job is a task to be run at a scheduled time by the program cron.

Server Plugin

In the context of Certbot, this refers to software that works with Certbot to configure a specific piece of server software. For instance, Certbot has an Apache plugin and a nginx plugin which can be used to obtain and configure certificates with those servers.

Certificate Authority

A certificate authority is an organization that gives out certificates to website operators.

Internet Service Provider

An Internet Service Provider (ISP) is an organization that people can obtain access to the Internet from.

Software repository or “repo”

A repo is a place where software is stored to be accessed by others. Examples of this include a GitHub repository that contains the files for a software project, or the repositories offered by popular operating systems such as Debian, Fedora, and Ubuntu, which contain many different pieces of software for their users to download and install.

Automatic Renewal

In the context of Certbot, this refers to a feature designed to automatically obtain new versions of a certificate before it expires. This feature is important as helps you avoid gaps between having valid certificates that can be trusted by the users of your server.

Docker

Docker is a system that allows website operators to run pre-configured systems called “containers” inside of their server. These containers come with everything needed to perform a task. Certbot’s Docker containers ship with Certbot already set up inside of them.

Hosting Provider

A hosting provider is a company or other organization that helps you get your website online. Hosting providers are usually paid by a customer and offer a variety of different plans and services, including shared hosting, virtual private servers, and dedicated servers. Their servers are usually located in data centers, and the sites or servers they host are usually administered remotely over the Internet.

Server - Web Server

“Web server” can refer to either the server (computer), application (software), or the combination of the two that’s used to provide your web site’s content to the rest of the Internet.

TCP

TCP is a protocol that allows two computers to send data to each other. More complex protocols like HTTP, HTTPS, SSH, and FTP, are built using TCP as a building block.

HTTPS

HTTPS (Hypertext Transfer Protocol Secure) is the update to HTTP that uses the SSL/TLS protocol to provide security for connections between web browsers and web servers. Using HTTPS normally requires a certificate from a certificate authority, such as Let’s Encrypt, and will also require installing that certificate onto a web server. Certbot can help perform both of these steps automatically in many cases. HTTPS is an Internet standard and is normally used with TCP port 443.

Server - Virtual Private Server (VPS)

A virtual private server is a complete server environment within which the customer can control the entire operating system and software environment. That allows the customer to be the system administrator for this server environment. This is the second-most common kind of web hosting environment (following shared hosting), and is offered by major providers like Amazon AWS, Azure, DigitalOcean, and Linode, among others. Most successful Certbot users are running Certbot in a VPS environment.

Updates

It is important to keep software up-to-date so that the latest security fixes and features can be applied.

DNS Validation

DNS validation is a method to prove your control over your domain name by asking you to create specific DNS TXT records within the domain. This requires you to have appropriate credentials to change your DNS records. DNS validation is one of the options provided by Let’s Encrypt to prove your control over your domain name. If you have a DNS provider that’s supported by Certbot, Certbot can automate this process. Otherwise, you would have to perform it yourself every time you renew your certificate. Most Certbot users don’t need to perform DNS validation, but it’s required by Let’s Encrypt if you want a wildcard certificate, and it can also be a useful option if your web server can’t receive connections from the Internet (for example, because it’s on a private network behind a firewall).

Crontab

The “cron table” is a specific file that contains tasks to be run at a scheduled time by the program cron.

Control Panel

A control panel is a type of software that provides an interface for configuring websites, such as cPanel.

Automatic Updates

Automatic updates are when a piece of software downloads a new version of itself automatically, usually as soon as practical after it becomes available. This process is designed to help the software have the latest bug fixes and features that have been released by the developer.

Software

Software is a set of instructions that teach a computer how to perform a particular task. Certbot is one software application that can be useful for web site administrators who want to set up HTTPS on their web sites. Certbot documentation will also expect you to know the names and versions of some other software that you use on your web server. For instance, the way to install Certbot is different on different operating systems, so you'll be asked the operating system software that your web server uses.

DNS Provider

A Domain Name System (DNS) provider is an organization that runs DNS servers (also called nameservers) to host DNS records for domain names. Your DNS provider could be the same as, or different from, your DNS registrar (whom you pay to register your domain name), or your hosting provider (whom you pay to host your web site). You can also change your DNS provider if your current provider doesn’t offer the features that you want. Your DNS provider must follow various Internet technical standards in order for Let’s Encrypt to confirm that it’s you who controls your domain name when you request a certificate. You need to interact with your DNS provider in order to change the DNS records that refer to your domain name. Some DNS providers can help you create Let’s Encrypt certificates (including wildcard certificates) easily using Let’s Encrypt’s DNS validation method, including by providing a software interface that Certbot can use for updating DNS records automatically.

Operating System

The operating system is the core software running on a computer. The most common operating systems are Windows, macOS, and Linux. Linux is subdivided into “distributions” like Ubuntu, Debian, RedHat, and many more.

FTP

The File Transfer Protocol (FTP) allows users to move files from one machine to another over the network.

Domain Name

A domain name is a human-readable identifier for a website that someone can type into the URL bar of their browser to go to that website. The domain name doesn’t include the parts of the URL after the first single slash mark (/).