How To Install Let's Encrypt In CentOS 7
In this tutorial we are going to install let's encrypt in cent os 7 an Apache. After installing this you can encrypt the connection between server and client. Let's Encrypt is a free pioneer of free SSL.
 |
Requirements:
- SUDO access to SSH from VPS.
- Installed Apache server in VPS.
- Domain name should be pointed with your VPS.
Installing dependent modules
You need to install EPEL and mod_ssl repository to install cerbot.
To install run the below command
yum install epel–release mod_ssl
Download Let's Encrypt
To install run the below command.
yum install python–certbot–apache
Now cerbot in installed sucessfully.
Configure SSL Certificate
To configure SSL certificate cerbot can handle the SSL certificate easily. Cerbot will generate a new certificate from your domain.
In this case i am using example.com as my domin. You need to use your pointed domin to install SSL.
certbot —apache –d exemple.com
certbot —apache –d exemple.com –d www.exemple.com
While installing it will ask for some steps complete that by step by step.
Once installation is completed you will see the congratulation message in terminal like this.
IMPORTANT NOTES:
– If you lose your account credentials, you can recover through
e–mails sent to user@example.com.
– Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/example.com/fullchain.pem. Your cert
will expire on 2016–04–21. To obtain a new version of the
certificate in the future, simply run Let‘s Encrypt again.
– Your account credentials have been saved in your Let’s Encrypt
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Let‘s
Encrypt so making regular backups of this folder is ideal.
– If you like Let’s Encrypt, please consider supporting our work by:
Donating to ISRG / Let‘s Encrypt: https//letsencrypt.org/donate
Donating to EFF:https://eff.org/donate-le
– If you lose your account credentials, you can recover through
e–mails sent to user@example.com.
– Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/example.com/fullchain.pem. Your cert
will expire on 2016–04–21. To obtain a new version of the
certificate in the future, simply run Let‘s Encrypt again.
– Your account credentials have been saved in your Let’s Encrypt
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Let‘s
Encrypt so making regular backups of this folder is ideal.
– If you like Let’s Encrypt, please consider supporting our work by:
Donating to ISRG / Let‘s Encrypt: https//letsencrypt.org/donate
Donating to EFF:https://eff.org/donate-le
Configure Auto certificate reniwal.
Now we are going to create a cronjob that will automatically renew your SSL certificate once it expired.
To create a cronjob run the below commands.
crontab –e
15 3 * * * /usr/bin/certbot renew --quiet
This cronjob will run everyday 3:15 am you can choose any time that you need.
Now you sucessfully installed let's encrypt in your cent os 7 an apache and you server in now sercured with SSL certificate.
0 Comments