My linux world » Apache SSL using lets-encrypt

Apache SSL using lets-encrypt


Let’s Encrypt is a certificate authority that launched on April 12, 2016[1][2] that provides free X.509 certificates for Transport Layer Security (TLS) encryption via an automated process designed to eliminate the current complex process of manual creation, validation, signing, installation, and renewal of certificates for secure websites.
Wikipedia

Installation

# get certbot client:
yum -y install python-certbot-apache
 
# install certificate
cerbot --apache -d MYDOMAIN.COM -d www.MYDOMAIN.COM
 
# restart httpd:
systemctl httpd restart
 
# open https port (i.e. 443) in the firewall :
echo "add service http (port 443) to firewall"
firewall-cmd --permanent --add-service https
 
echo "reload firewall-cmd"
firewall-cmd --reload

Renew

Finally, add a crontab to renew automatically certificate every week.
In crontab add the followings :

# every sunday a 2:30 am
30 2 * * 6 /usr/bin/certbot renew >> /var/log/ssl-renew.log

How to check my certificate status ?

You can check your certificate status here :

https://www.ssllabs.com/ssltest/analyze.html?d=MYDOMAIN.COM&latest

Copyright © 2023 My linux world - by Marc RABAHI
Design by Marc RABAHI and encelades.

Fork me on GitHub