How to Install Let's Encrypt SSL Certificate on a CentOS 7 Cloud Server?

30-01-2024 02:59:21

This guide explains how to install an SSL certificate on a CentOS 7 cloud server that uses Apache as the web server. Once the certificate is installed, traffic between the server and its clients is encrypted. SSL certificates are widely used on e-commerce websites and in the online financial industry. Let's Encrypt is a pioneer in providing free SSL certificates, and its certificates are among the most commonly used.

Installing Certbot

First, install two dependency packages:

sudo yum install -y epel-release mod_ssl

Install the Certbot client. Certbot is a tool that simplifies the management of SSL certificates.

sudo yum install python-certbot-apache

Installing the SSL Certificate

Install and configure the SSL certificate. Replace example.com with your actual domain name.

sudo certbot --apache -d example.com

If you need to generate certificates for multiple domains, you can use the following command. Note that the first domain must be the root domain.

sudo certbot --apache -d example.com -d www.example.com

During the installation process, the system will provide a step-by-step configuration guide. We can choose whether to enforce HTTPS or retain HTTP as the default protocol. The guide also requires us to provide an email address for the certificate administrator. Upon completion of the installation, the system will display the following results:

IMPORTANT NOTES:
- If you lose your account credentials, you can recover through
emails sent to user@example.com.
- Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/example.com/fullchain.pem. Your cert
will expire on 2019-04-21. To obtain a new version of the
certificate in the future, simply run Let's Encrypt again.
- Your account credentials have been saved in your Let's Encrypt
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also have certificates and private keys obtained by Let's
Encrypt so regular backups of this folder is ideal.
- If you like Let's Encrypt, please consider supporting our work by:

Setting Up Automatic Renewal

Let's Encrypt certificates have a validity period of 90 days, thus timely renewal is necessary. Certbot assists in renewing the certificates. Here, we need to confirm that Certbot's renewal function is working correctly.

sudo certbot renew

If the certificate was installed recently, Certbot will only display the expiration date without performing a renewal.

Processing  /etc/letsencrypt/renewal/example.com.conf
The following certs are not due for renewal yet:
    /etc/letsencrypt/live/example.com/fullchain.pem (skipped)
No renewals were attempted.

Setting up automatic renewal requires creating a cron job.

sudo crontab -e

Add the following cron job to execute once every week at midnight on Monday:

0 0 * * 1 /usr/bin/certbot renew >> /var/log/sslrenew.log
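
A cron job that fails quietly leaves the site serving an expired certificate, so it is worth checking the certificate itself rather than only the log. The script below is an added example, not part of the original guide: it reads the expiry date of the certificate with openssl and reports whether renewal is overdue. The function names and the 21-day threshold are assumptions (Certbot by default renews once fewer than 30 days remain, so with a weekly job a healthy certificate should not fall below about 23 days), and it relies on GNU date as shipped with CentOS 7.

```bash
#!/bin/sh
# Added example: verify that the weekly "certbot renew" job is keeping the
# certificate fresh. Pass the certificate path as the first argument, e.g.
# /etc/letsencrypt/live/example.com/fullchain.pem

# Seconds until expiry, given an "openssl x509 -enddate" line such as
# "notAfter=Apr 21 10:00:00 2019 GMT". The optional second argument is the
# current time as an epoch value (defaults to now); it exists for testing.
secs_left() {
    local enddate now expiry
    enddate="${1#notAfter=}"
    now="${2:-$(date +%s)}"
    expiry=$(date -u -d "$enddate" +%s) || return 2
    echo $(( expiry - now ))
}

# Classify the remaining lifetime. The threshold (days, default 21) is an
# assumed value chosen to sit below the point where a weekly job should
# already have renewed the certificate.
cert_status() {
    local secs threshold_days
    secs="$1"
    threshold_days="${2:-21}"
    if [ "$secs" -le 0 ]; then
        echo EXPIRED
    elif [ "$secs" -lt $(( threshold_days * 86400 )) ]; then
        echo RENEWAL_OVERDUE
    else
        echo OK
    fi
}

# Read the certificate, print one status line, and return non-zero unless
# the status is OK so that cron or a monitoring agent can raise an alert.
check_cert() {
    local pem line secs status
    pem="$1"
    line=$(openssl x509 -enddate -noout -in "$pem") || return 2
    secs=$(secs_left "$line") || return 2
    status=$(cert_status "$secs")
    echo "$pem: $status ($(( secs / 86400 )) days left)"
    [ "$status" = OK ]
}

if [ "$#" -gt 0 ]; then
    check_cert "$1"
fi
```

Scheduling this check a day or two after the renewal job, with the output mailed or logged, shows a failed renewal weeks before the certificate actually expires.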

This completes the installation process of the free SSL certificate on a CentOS 7 cloud server. From this point, data transmitted between Apache and the client will be encrypted, ensuring the security of network transmission.