free-ssl-on-apache2-v2

How To Install FREE SSL (Let’s Encrypt) With Apache2.4 On CentOS7

Posted on August 24, 2023

This article explains how to install free ssl certificate (Let’s Encrypt) under CentOS and running on Apache Web Server. All other command outputs or results were excluded to simplify the process and easy to understand. Let’s Encrypt is a certificate authority that provides free SSL certificates for websites. It was launched in 2014 to ensure all websites are secure and HTTPS. More than 250 million websites use it. The goal of Let’s Encrypt is to make all websites secure and using HTTPS.

Install SSL Let’s Encrypt Package Dependencies : epel-release, mod_ssl and python-certbot-apache

yum install epel-release mod_ssl
yum install python-certbot-apache


Obtain And Install SSL Certificate:

Once the certbbot installed, you can now execute the following commands provided below to obtain and install
an SSL certificate for your domain.

Note: We use valid domain e.g. ‘pinoylinux.org’ as an example, you may replace it with your own domain and have it configured on your web server.

For SSL with single domain

certbot --apache -d pinoylinux.org

Or if you have multiple domains or subdomains, your must run this command

certbot --apache -d pinoylinux.org -d www.pinoylinux.org -d blog.pinoylinux.org


Setup Auto Renewal Of Certificate

Let’s Encrypt certificates are only valid for 90 days on the default setup, We recommend to renew the free ssl certificate before the expiration date.
or simply automate the renewal process using cron job, you may perform the following steps below:

Edit the crontab to start and create a new job:

crontab -e

Add the following line, cron script will run the auto certificate renewal twice a day:

* */12 * * * root /usr/bin/certbot renew >/dev/null 2>&1

Or this way around:

0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew

 

Leave a Reply

Your email address will not be published. Required fields are marked *