Introduction

In this tutorial, you will learn how to install Let’s Encrypt on CentOS 7 with Apache. Let’s Encrypt is a free, automated, and open certificate authority developed by the Internet Security Research Group (ISRG). Certificates issued by Let’s Encrypt are valid for 90 days from the issue date. When finished, all traffic between server and client will be encrypted. We’ll use the certbot utility to obtain and renew Let’s Encrypt certificates.

  1. Update the system
yum -y update

2.   Install Apache

yum -y install httpd

3.  Install mod_ssl

yum -y install mod_ssl

4.  Create Virtual Host

We will create a virtual host for the domain: test.nodemonster.com. A virtual host config file is required in this step. You can create it with nano and enter the following lines:

nano /etc/httpd/conf.d/test.nodemonster.com.conf

then pasting the following contents inside:

<VirtualHost *:80>
    ServerName test.nodemonster.com
    ServerAlias www.test.nodemonster.com
    ServerAdmin webmaster@test.nodemonster.com
    DocumentRoot /var/www/test.nodemonster.com/public_html

    <Directory /var/www/test.nodemonster.com/public_html>
        Options -Indexes +FollowSymLinks
        AllowOverride All
    </Directory>

    ErrorLog /var/log/httpd/test.nodemonster.com-error.log
    CustomLog /var/log/httpd/test.nodemonster.com-access.log combined
</VirtualHost>


Create a document root to place your HTML files.

mkdir -p /var/www/test.nodemonster.com/public_html

Place the HTML file inside the document root of your domain.

echo "You focus on your business, We take care of your Servers" > /var/www/test.nodemonster.com/public_html/index.html

Change the permission of the directory.

chown -R apache:apache /var/www/test.nodemonster.com

Test the configuration file syntax with.

sudo apachectl configtest

Restart the Apache.

systemctl restart httpd

5.   Install certbot

Before installing certbot, make sure that you have EPEL repository activated by entering this command:

yum -y install epel-release

Make sure yum-utils is installed:

yum -y install yum-utils

Then install certbot for Apache:

yum -y install certbot-apache

Now you create an SSL certificate using the following command (replace test.nodemonster.com with your own domain name).

letsencrypt --apache -d test.nodemonster.com  -d www.test.nodemonster.com 

If everything goes well you should see the following output.

6.   Automatic Certificate Renewal

A good thing about using Let’s Encrypt is that you can set an automatic certificate renewal.

To set the automatic renewal, enter this following command:

export EDITOR=/bin/nano

It will set nano as the default editor and now it can edit the crontab:

crontab -e

Actually, Let’s Encrypt suggest automatic renew cronjob runs twice a day. In order to do so, paste this command and save the crontab:

* */12 * * * /usr/bin/certbot renew >/dev/null 2>&1


Conclusion

That’s All. I hope you learned How to Install Let’s Encrypt Free SSL Certificate For Apache on CentOS 7