How To Install Certbot On Centos 7

Today, we will prove you, How to install Let's Encrypt on CentOS 7 with Apache. Permit'due south Encrypt is a completely free and automated, new certificate dominance developed past the Internet Security Research Grouping (ISRG) and recognized by all major browsers. They get in a breeze to prepare TLS certificates for your web server. And for free! Let's Encrypt is supported past major players like Mozilla, Akamai, Cisco, the EFF and managed by the Linux Foundation. Allow'south Encrypt provides free, automatic and secure certificates. The website owners tin hands obtain security certificates within minutes, enabling a safer web feel for all.In today's tutorial we are going to learn how to install a Let'due south Encrypt SSL certificate on CentOS 7 with Apache, and configure the certbot for automatic renewal.

1. Update the organisation

Equally usual make certain the system is fully upwards to date before installing whatsoever packages:

# yum -y update

ii. Install Apache

We are going to use Apache as our spider web server, install it using this command:

# yum -y install httpd

3. Install mod_ssl

Install mod_ssl as well as nosotros are going to need it to configure our Let's Encrypt SSL certificate:

# yum -y install mod_ssl

iv. Configure Apache

Create a document root folder for your site:

# mkdir /var/www/examination

Create a virtual host config file for your site by opening it with nano and so pasting the following contents within:

# nano /etc/httpd/conf.d/examination-site.conf  <VirtualHost *:80>     ServerAdmin [email protected]     DocumentRoot "/var/world wide web/test"     ServerName test.com     ServerAlias www.test.com     ErrorLog "/var/log/httpd/test.error_log"     CustomLog "/var/log/httpd/examination.access_log" common </VirtualHost>        

Add together a index.html file for testing purposes later with the following contents:

# nano /var/www/test/index.html  It works!        

Alter owner of the "/var/www/test" directory to the apache user so Apache can read the directory:

# chown -R apache:apache /var/www/examination

Remember to alter "test" for your site'south proper noun.
Now that nosotros accept Apache installed we can continue by installing certbot.

5. Install certbot

To install certbot first we need to make certain nosotros have the EPEL repository enabled, to practice that execute the post-obit command:

# yum -y install epel-release

Make sure yum-utils is installed:

# yum -y install yum-utils

Then install certbot for Apache:

# yum -y install certbot-apache

Now that nosotros have certbot installed, run certbot with the following command:

# certbot --apache

Certbot will enquire you for the names you would like to actuate HTTPS for:

Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator apache, Installer apache Starting new HTTPS connection (one): acme-v01.api.letsencrypt.org  Which names would you like to actuate HTTPS for? ------------------------------------------------------------------------------- 1: test.com two: www.test.com ------------------------------------------------------------------------------- Select the appropriate numbers separated past commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel):        

Printing enter to continue and then optionally if y'all want you can redirect your sites to HTTPS:

Please cull whether or non to redirect HTTP traffic to HTTPS, removing HTTP access. ------------------------------------------------------------------------------- 1: No redirect - Make no further changes to the webserver configuration. 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you lot're confident your site works on HTTPS. You tin undo this change past editing your spider web server's configuration. ------------------------------------------------------------------------------- Select the appropriate number [ane-2] then [enter] (press 'c' to cancel):        

If everything goes well you should see the following output:

------------------------------------------------------------------------------- Congratulations! You have successfully enabled https://test.com and https://www.test.com  You lot should test your configuration at: https://www.ssllabs.com/ssltest/analyze.html?d=test.com https://www.ssllabs.com/ssltest/analyze.html?d=www.test.com -------------------------------------------------------------------------------        

6. Configure automatic renewal

Now we are going to add a cronjob then our Let's Encrypt SSL certificates can be renewed automatically.

First run the post-obit command so we can take nano as the default editor:

# export EDITOR=/bin/nano

So execute the following control to edit the crontab:

# crontab -eastward

Let's Encrypt recommends the automatic renew cronjob to run twice a twenty-four hours, to do that add the following line so save and exit the crontab:

* */12 * * * /usr/bin/certbot renew >/dev/null 2>&1

Now you should have successfully installed and configured Permit's Encrypt with Apache.

Of form you don't have to install Let'due south Encrypt on CentOS 7 with Apache, if you employ one of our outsourced Linux server support services, in which case y'all tin simply ask our expert Linux admins to install Let's Encrypt SSL certificate on your server with Apache. They are available 24×7 and volition take intendance of your asking immediately.

PS. If you liked this post, on how to install Let's Encrypt on CentOS vii with Apache, please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.

Source: https://linuxhostsupport.com/blog/how-to-install-lets-encrypt-on-centos-7-with-apache/

Posted by: fletchermatelike.blogspot.com

Share this post