For this example, we will install a valid SSL certificate for your domain hosted in your VPS.
- Centos 7 installed on the server
- The domain name should have a valid DNS records, ie, it should be accessible via the internet. We are particularly interested in valid A record and CNAME.
Here are the steps to achieve the above
1. Connect to your server. Ensure you have root privileges as many commands run here require root privileges.
2. Install Apache web server and “mod_ssl” which adds SSL support to Apache
yum install httpd mod_ssl -y
3.Start and enable apache and verify that it’s running
systemctl start httpd
systemctl enable httpd
systemctl status httpd
4. Create and index.html file and place it in the DocumentRoot folder, /var/www/html/index.html
5. Install certbot application. It’s found in EPEL repository thus you’ll need to first install the repository if it doesn’t exist in your system
yum install epel-release
yum install certbot
5. Install the Apache web server certbot plugin
yum install -y python2-certbot-apache
6. Execute the certbot command to request for an SSL from Let’s Encrypt
certbot –apache -d example.com.
If you want to force https for all traffic, choose the “Secure” HTTPS access option when prompted.
You can now check whether SSL is correctly installed on your site.
7. Lastly, SSL certificates issued by Let’s Encrypt are valid for 90 days. To renew the cerficate, use the cerbot command.
Certbot renews all certificates expiring in less than 30 days and restart Apache if cerificate is renewed.
Extra Tip: You can schedule a cron task to perform this renewal. Execute crontab -e and edit crontab
# Renew SSL Certificates Daily
0 0 * * * /usr/bin/certbot renew &>/var/log/certbot.cronlog