In this tutorial, you will learn how to install Let’s Encrypt on CentOS 7 with Apache. Let’s Encrypt is a free, automated, and open certificate authority developed by the Internet Security Research Group (ISRG). Certificates issued by Let’s Encrypt are valid for 90 days from the issue date. When finished, all traffic between server and client will be encrypted. We’ll use the certbot utility to obtain and renew Let’s Encrypt certificates.
- Update the system
yum -y update
2. Install Apache
yum -y install httpd
3. Install mod_ssl
yum -y install mod_ssl
4. Create Virtual Host
We will create a virtual host for the domain: test.nodemonster.com. A virtual host config file is required in this step. You can create it with nano and enter the following lines:
then pasting the following contents inside:
Create a document root to place your HTML files.
mkdir -p /var/www/test.nodemonster.com/public_html
Place the HTML file inside the document root of your domain.
echo "You focus on your business, We take care of your Servers" > /var/www/test.nodemonster.com/public_html/index.html
Change the permission of the directory.
chown -R apache:apache /var/www/test.nodemonster.com
Test the configuration file syntax with.
sudo apachectl configtest
Restart the Apache.
systemctl restart httpd
5. Install certbot
Before installing certbot, make sure that you have EPEL repository activated by entering this command:
yum -y install epel-release
Make sure yum-utils is installed:
yum -y install yum-utils
Then install certbot for Apache:
yum -y install certbot-apache
Now you create an SSL certificate using the following command (replace test.nodemonster.com with your own domain name).
letsencrypt --apache -d test.nodemonster.com -d www.test.nodemonster.com
If everything goes well you should see the following output.
6. Automatic Certificate Renewal
A good thing about using Let’s Encrypt is that you can set an automatic certificate renewal.
To set the automatic renewal, enter this following command:
It will set nano as the default editor and now it can edit the crontab:
Actually, Let’s Encrypt suggest automatic renew cronjob runs twice a day. In order to do so, paste this command and save the crontab:
* */12 * * * /usr/bin/certbot renew >/dev/null 2>&1
That’s All. I hope you learned How to Install Let’s Encrypt Free SSL Certificate For Apache on CentOS 7