Physical Address
Metro Manila, Philippines
This article explains how to install free ssl certificate (Let’s Encrypt) under CentOS and running on Apache Web Server. All other command outputs or results were excluded to simplify the process and easy to understand. Let’s Encrypt is a certificate authority that provides free SSL certificates for websites. It was launched in 2014 to ensure all websites are secure and HTTPS. More than 250 million websites use it. The goal of Let’s Encrypt is to make all websites secure and using HTTPS.
Install SSL Let’s Encrypt Package Dependencies : epel-release, mod_ssl and python-certbot-apache
yum install epel-release mod_sslyum install python-certbot-apache
Obtain And Install SSL Certificate:
Once the certbbot installed, you can now execute the following commands provided below to obtain and install
an SSL certificate for your domain.
Note: We use valid domain e.g. ‘pinoylinux.org’ as an example, you may replace it with your own domain and have it configured on your web server.
For SSL with single domain
certbot --apache -d pinoylinux.orgOr if you have multiple domains or subdomains, your must run this command
certbot --apache -d pinoylinux.org -d www.pinoylinux.org -d blog.pinoylinux.org
Setup Auto Renewal Of Certificate
Let’s Encrypt certificates are only valid for 90 days on the default setup, We recommend to renew the free ssl certificate before the expiration date.
or simply automate the renewal process using cron job, you may perform the following steps below:
Edit the crontab to start and create a new job:
crontab -eAdd the following line, cron script will run the auto certificate renewal twice a day:
* */12 * * * root /usr/bin/certbot renew >/dev/null 2>&1Or this way around:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
