diff --git a/cloudserver.md b/cloudserver.md index c269101f..d0b8d372 100644 --- a/cloudserver.md +++ b/cloudserver.md @@ -93,8 +93,8 @@ Configure the back-end server ip address: Install the SSL private key: # Copy the private key - sudo cp ocpu2017.key /etc/ssl/private/ocpu2017.key - sudo chmod 600 /etc/ssl/private/ocpu2017.key + sudo cp ocpu2017.key /etc/letsencrypt/live/ocpu.io/privkey.pem + sudo chmod 600 /etc/letsencrypt/live/ocpu.io/privkey.pem Enable the ocpu.io site diff --git a/debian/changelog b/debian/changelog index 49a6577e..cde9a1a8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -opencpu (2.2.0-bionic0) bionic; urgency=low +opencpu (2.2.0-bionic2) bionic; urgency=low * Debian package with OpenCPU software. See www.opencpu.org diff --git a/debian/opencpu-cache.install b/debian/opencpu-cache.install index a394f3c4..c8bde9c0 100644 --- a/debian/opencpu-cache.install +++ b/debian/opencpu-cache.install @@ -1,5 +1,4 @@ opencpu-cache/nginx/* /etc/nginx/ -opencpu-cache/certs/* /usr/lib/opencpu/certs/ opencpu-cache/init.d/* /usr/lib/opencpu/init.d/ opencpu-cache/systemd/* /etc/systemd/system/multi-user.target.wants/ opencpu-cache/scripts/* /usr/lib/opencpu/scripts/ diff --git a/debian/opencpu-cache.links b/debian/opencpu-cache.links index c8e31d93..5311cb90 100644 --- a/debian/opencpu-cache.links +++ b/debian/opencpu-cache.links @@ -1,2 +1 @@ /usr/lib/opencpu/init.d/opencpu-cache /etc/init.d/opencpu-cache -/usr/lib/opencpu/certs/ocpu2017.pem /etc/ssl/certs/ocpu2017.pem diff --git a/opencpu-cache/certs/ocpu2017.pem b/opencpu-cache/certs/ocpu2017.pem deleted file mode 100644 index 850bf401..00000000 --- a/opencpu-cache/certs/ocpu2017.pem +++ /dev/null 
@@ -1,98 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFQzCCBCugAwIBAgIRAPGjWNTfd7Bef4pe1rXHbDIwDQYJKoZIhvcNAQELBQAw -gZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO -BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD -VQQDEy1DT01PRE8gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg -Q0EwHhcNMTcwNDA4MDAwMDAwWhcNMjAwNDA3MjM1OTU5WjBWMSEwHwYDVQQLExhE -b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxHTAbBgNVBAsTFFBvc2l0aXZlU1NMIFdp -bGRjYXJkMRIwEAYDVQQDDAkqLm9jcHUuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IB -DwAwggEKAoIBAQDBBnRcrJy8JIAxExmh9yLO+MP5WDOYlEtsxKQkFOwz0ybX9F70 -AQ8QpXTyvAh/R1n9angWP6ndVH/r6Vh8H4Fq5MBzsh5siIrq9FMLK9AlMkwxTCtL -jtNFLEKsqCF1XlD3H9Sy4QKoLcSp4v0hihwtQjCleS9RIo4xpGQyQ2GiLPMGZGIT -PcOVrDNws7CqYI0CGUOijRw8j+w91fQ0bgyzXrZ2f7AZthw/OhqKjc//VMaijk2f -t+VmawzQuGIyU/U4TIv/kTZDi7tXP352nGCNb0WqgMkSiYVtSOkB7saryCB8MZsh -iHD0Q4+K6DyOyf9UNlBa/fpsL82AaUF/IKltAgMBAAGjggHPMIIByzAfBgNVHSME -GDAWgBSQr2o6lFoL2JDqElZz30O0Oija5zAdBgNVHQ4EFgQUKlP7uF/ONDwJWQTL -KkYlQR9mHxAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw -FAYIKwYBBQUHAwEGCCsGAQUFBwMCME8GA1UdIARIMEYwOgYLKwYBBAGyMQECAgcw -KzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwCAYG -Z4EMAQIBMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly9jcmwuY29tb2RvY2EuY29t -L0NPTU9ET1JTQURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYUG -CCsGAQUFBwEBBHkwdzBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5jb21vZG9jYS5j -b20vQ09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAk -BggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMB0GA1UdEQQWMBSC -CSoub2NwdS5pb4IHb2NwdS5pbzANBgkqhkiG9w0BAQsFAAOCAQEASuYm3FqiOMNr -5TmCb84MYIGOhIv+De5l0oOIjO0UX9IdniU7WT/sfbM7/F/+LioOMDlX9m1Nlw1W -0UJZ4NW6Y7K8D2NyVi+rEal5ErC2GHnvZPaxG6U45FrVjxKVA/Xfjwoioe8UWm66 -qGxcdRS/zzvvQsGJNhs/FReBNhsubVte9Twl0ob/YYkxic7uFYGf5MeCvKndbsAk -vz/fuofr3Zop+aI5L2g61GIfTrIhDBsYC4zlDIR+7CvEcp0kox3GmFGzriqc+wua -r+IcBYJds/arz6beVayYz6/K5+oop0YvZHNw6hRo5tpqAXDGKjluUYDD5fhvvBY2 -Lg4Yjk0HjQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- 
-MIIGCDCCA/CgAwIBAgIQKy5u6tl1NmwUim7bo3yMBzANBgkqhkiG9w0BAQwFADCB -hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G -A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV -BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMjEy -MDAwMDAwWhcNMjkwMjExMjM1OTU5WjCBkDELMAkGA1UEBhMCR0IxGzAZBgNVBAgT -EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR -Q09NT0RPIENBIExpbWl0ZWQxNjA0BgNVBAMTLUNPTU9ETyBSU0EgRG9tYWluIFZh -bGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAI7CAhnhoFmk6zg1jSz9AdDTScBkxwtiBUUWOqigwAwCfx3M28Sh -bXcDow+G+eMGnD4LgYqbSRutA776S9uMIO3Vzl5ljj4Nr0zCsLdFXlIvNN5IJGS0 -Qa4Al/e+Z96e0HqnU4A7fK31llVvl0cKfIWLIpeNs4TgllfQcBhglo/uLQeTnaG6 -ytHNe+nEKpooIZFNb5JPJaXyejXdJtxGpdCsWTWM/06RQ1A/WZMebFEh7lgUq/51 -UHg+TLAchhP6a5i84DuUHoVS3AOTJBhuyydRReZw3iVDpA3hSqXttn7IzW3uLh0n -c13cRTCAquOyQQuvvUSH2rnlG51/ruWFgqUCAwEAAaOCAWUwggFhMB8GA1UdIwQY -MBaAFLuvfgI9+qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBSQr2o6lFoL2JDqElZz -30O0Oija5zAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV -HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgG -BmeBDAECATBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNv -bS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcB -AQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9E -T1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21v -ZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAE4rdk+SHGI2ibp3wScF9BzWRJ2p -mj6q1WZmAT7qSeaiNbz69t2Vjpk1mA42GHWx3d1Qcnyu3HeIzg/3kCDKo2cuH1Z/ -e+FE6kKVxF0NAVBGFfKBiVlsit2M8RKhjTpCipj4SzR7JzsItG8kO3KdY3RYPBps -P0/HEZrIqPW1N+8QRcZs2eBelSaz662jue5/DJpmNXMyYE7l3YphLG5SEXdoltMY -dVEVABt0iN3hxzgEQyjpFv3ZBdRdRydg1vs4O2xyopT4Qhrf7W8GjEXCBgCq5Ojc -2bXhc3js9iPc0d1sjhqPpepUfJa3w/5Vjo1JXvxku88+vZbrac2/4EjxYoIQ5QxG -V/Iz2tDIY+3GH5QFlkoakdH368+PUq4NCNk+qKBR6cGHdNXJ93SrLlP7u3r7l+L4 -HyaPs9Kg4DdbKDsx5Q5XLVq4rXmsXiBmGqW5prU5wfWYQ//u+aen/e7KJD2AFsQX -j4rBYKEMrltDR5FL1ZoXX/nUh8HCjLfn4g8wGTeGrODcQgPmlKidrv0PJFGUzpII 
-0fxQ8ANAe4hZ7Q7drNJ3gjTcBpUC2JD5Leo31Rpg0Gcg19hCC0Wvgmje3WYkN5Ap -lBlGGSW4gNfL1IYoakRwJiNiqZ+Gb7+6kHDSVneFeO/qJakXzlByjAA6quPbYzSf -+AZxAeKCINT+b72x ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFdDCCBFygAwIBAgIQJ2buVutJ846r13Ci/ITeIjANBgkqhkiG9w0BAQwFADBv -MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk -ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF -eHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow -gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO -BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD -VQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkq -hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkehUktIKVrGsDSTdxc9EZ3SZKzejfSNw -AHG8U9/E+ioSj0t/EFa9n3Byt2F/yUsPF6c947AEYe7/EZfH9IY+Cvo+XPmT5jR6 -2RRr55yzhaCCenavcZDX7P0N+pxs+t+wgvQUfvm+xKYvT3+Zf7X8Z0NyvQwA1onr -ayzT7Y+YHBSrfuXjbvzYqOSSJNpDa2K4Vf3qwbxstovzDo2a5JtsaZn4eEgwRdWt -4Q08RWD8MpZRJ7xnw8outmvqRsfHIKCxH2XeSAi6pE6p8oNGN4Tr6MyBSENnTnIq -m1y9TBsoilwie7SrmNnu4FGDwwlGTm0+mfqVF9p8M1dBPI1R7Qu2XK8sYxrfV8g/ -vOldxJuvRZnio1oktLqpVj3Pb6r/SVi+8Kj/9Lit6Tf7urj0Czr56ENCHonYhMsT -8dm74YlguIwoVqwUHZwK53Hrzw7dPamWoUi9PPevtQ0iTMARgexWO/bTouJbt7IE -IlKVgJNp6I5MZfGRAy1wdALqi2cVKWlSArvX31BqVUa/oKMoYX9w0MOiqiwhqkfO -KJwGRXa/ghgntNWutMtQ5mv0TIZxMOmm3xaG4Nj/QN370EKIf6MzOi5cHkERgWPO -GHFrK+ymircxXDpqR+DDeVnWIBqv8mqYqnK8V0rSS527EPywTEHl7R09XiidnMy/ -s1Hap0flhFMCAwEAAaOB9DCB8TAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTvA73g -JMtUGjAdBgNVHQ4EFgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQD -AgGGMA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0gBAowCDAGBgRVHSAAMEQGA1UdHwQ9 -MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9BZGRUcnVzdEV4dGVy -bmFsQ0FSb290LmNybDA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAGGGWh0dHA6 -Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggEBAGS/g/FfmoXQ -zbihKVcN6Fr30ek+8nYEbvFScLsePP9NDXRqzIGCJdPDoCpdTPW6i6FtxFQJdcfj -Jw5dhHk3QBN39bSsHNA7qxcS1u80GH4r6XnTq1dFDK8o+tDb5VCViLvfhVdpfZLY -Uspzgb8c8+a4bmYRBbMelC1/kZWSWfFMzqORcUx8Rww7Cxn2obFshj5cqsQugsv5 
-B5a6SE2Q8pTIqXOi6wZ7I53eovNNVZ96YUWYGGjHXkBrI/V5eu+MtWuLt29G9Hvx -PUsE2JOAWVrgQSQdso8VYFhH2+9uRv0V9dlfmrPb2LjkQLPNlzmuhbsdjrzch5vR -pu/xO28QOG8= ------END CERTIFICATE----- diff --git a/opencpu-cache/nginx/sites-available/opencpu b/opencpu-cache/nginx/sites-available/opencpu index f26491ba..e4e67484 100644 --- a/opencpu-cache/nginx/sites-available/opencpu +++ b/opencpu-cache/nginx/sites-available/opencpu @@ -26,7 +26,6 @@ server { port_in_redirect off; # Enable HTTPS - ssl on; ssl_session_timeout 5m; ssl_protocols SSLv3 TLSv1; ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; diff --git a/opencpu-cache/nginx/sites-available/opencpu-homepage b/opencpu-cache/nginx/sites-available/opencpu-homepage index 297c09e1..3ad52a17 100644 --- a/opencpu-cache/nginx/sites-available/opencpu-homepage +++ b/opencpu-cache/nginx/sites-available/opencpu-homepage @@ -10,15 +10,14 @@ server { # Main homepage server { - listen 8007; + listen 8007 ssl; server_name www.opencpu.org; # For iptables prerouting port_in_redirect off; - ssl on; - ssl_certificate /etc/ssl/certs/ocpu2017.pem; - ssl_certificate_key /etc/ssl/private/ocpu2017.key; + ssl_certificate /etc/letsencrypt/live/ocpu.io/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/ocpu.io/privkey.pem; location / { proxy_pass http://jeroen.github.io/opencpu-pages/; @@ -41,11 +40,10 @@ server { } server { - listen 8007; + listen 8007 ssl; server_name opencpu.org blog.opencpu.org; - ssl on; - ssl_certificate /etc/ssl/certs/ocpu2017.pem; - ssl_certificate_key /etc/ssl/private/ocpu2017.key; + ssl_certificate /etc/letsencrypt/live/ocpu.io/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/ocpu.io/privkey.pem; rewrite ^ https://www.opencpu.org permanent; } 
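Review bot: The `www.opencpu.org` and `opencpu.org blog.opencpu.org` server blocks in opencpu-homepage now load `/etc/letsencrypt/live/ocpu.io/fullchain.pem`, but nothing visible in this commit shows that the `ocpu.io` lineage lists those names as SANs; if it only covers ocpu.io names, homepage clients get a hostname mismatch. I would add a comment above the two directives, e.g. `# lineage ocpu.io must list www.opencpu.org, opencpu.org and blog.opencpu.org as SANs`, or point these blocks at a lineage issued for opencpu.org. Because the package no longer ships a certificate, the configuration presumably fails `nginx -t` on a host where certbot has not yet created that directory, and renewals need a reload hook before nginx picks up the new files; both deserve a line in the install notes. The same paths are used in the `default_server` block of the following hunk.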
@@ -58,11 +56,10 @@ server { } server { - listen 8007 default_server; + listen 8007 ssl default_server; server_name ""; return 444 "Invalid opencpu vhost: $host\n"; default_type "text/plain"; - ssl on; - ssl_certificate /etc/ssl/certs/ocpu2017.pem; - ssl_certificate_key /etc/ssl/private/ocpu2017.key; + ssl_certificate /etc/letsencrypt/live/ocpu.io/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/ocpu.io/privkey.pem; } diff --git a/opencpu-cache/ocpu.io/ocpu-io b/opencpu-cache/ocpu.io/ocpu-io index 10f653ce..591d967a 100644 --- a/opencpu-cache/ocpu.io/ocpu-io +++ b/opencpu-cache/ocpu.io/ocpu-io @@ -15,9 +15,8 @@ server { listen 8007 ssl http2; include /usr/lib/opencpu/ocpu.io/ocpu-cran.conf; - ssl on; - ssl_certificate /etc/ssl/certs/ocpu2017.pem; - ssl_certificate_key /etc/ssl/private/ocpu2017.key; + ssl_certificate /etc/letsencrypt/live/ocpu.io/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/ocpu.io/privkey.pem; ssl_session_timeout 5m; ssl_protocols SSLv3 TLSv1; ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; @@ -34,9 +33,8 @@ server { listen 8007 ssl http2; include /usr/lib/opencpu/ocpu.io/ocpu-github.conf; - ssl on; - ssl_certificate /etc/ssl/certs/ocpu2017.pem; - ssl_certificate_key /etc/ssl/private/ocpu2017.key; + ssl_certificate /etc/letsencrypt/live/ocpu.io/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/ocpu.io/privkey.pem; ssl_session_timeout 5m; ssl_protocols SSLv3 TLSv1; ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; @@ -55,7 +53,6 @@ server { server_name ocpu.io; rewrite ^ https://www.opencpu.org/demo.html redirect; - ssl on; - ssl_certificate /etc/ssl/certs/ocpu2017.pem; - ssl_certificate_key /etc/ssl/private/ocpu2017.key; + ssl_certificate /etc/letsencrypt/live/ocpu.io/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/ocpu.io/privkey.pem; }
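Review bot: `ssl_protocols SSLv3 TLSv1;` and the `ssl_ciphers` string with `+LOW`, `+EXP` and `RC4+RSA` remain directly below the new certificate lines in the first server block of opencpu-cache/ocpu.io/ocpu-io, so the new certificate is still served only over deprecated protocols and weak suites, and TLS 1.2 is not offered at all. That also conflicts with `listen 8007 ssl http2`, since HTTP/2 clients expect TLS 1.2 or later. I would change the two lines to `ssl_protocols TLSv1.2 TLSv1.3;` (drop `TLSv1.3` if the installed nginx/OpenSSL build does not support it) and `ssl_ciphers HIGH:!aNULL:!MD5;`. The same two lines appear in the second ocpu-io hunk and in the sites-available/opencpu hunk; the server blocks begin outside these hunks.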
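Review bot: In the `server_name ocpu.io` block of opencpu-cache/ocpu.io/ocpu-io, `ssl on;` is removed while the block's `listen` directive lies outside the hunk, so TLS for this vhost now depends entirely on the `ssl` parameter of its listen socket, which cannot be confirmed from here. Please check that the line carries `ssl`, as the homepage blocks now do with `listen 8007 ssl;`. The same check applies to sites-available/opencpu, where `ssl on;` is dropped and no `listen` line is shown in the hunk.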