Published November 18, 2018 by

Install Let's Encrypt SSL with Apache on CentOS


In this tutorial, we are learning, with step-by-step instructions on how to install Let’s Encrypt SSL certificate with Apache on CentOS. Let’s Encrypt is an open SSL Certificate Authority (CA) that offers free domain-validated (DV) certificates for your websites. SSL Certificates are used to establish a secure encrypted connection between a web server and a user’s web browser. The SSL certificates that have been issued by Let’s Encrypt are valid for 90 days and are trusted by most web browsers today.

Step 1: Install CertBot
 $ yum -y install epel-release  
 $ yum install httpd mod_ssl python-certbot-apache  


Step 2: Set Up the SSL Certificate

Install Let’s Encrypt SSL certificate on your domain (change ‘yourdomain.com’ with your actual domain):
$ sudo certbot --apache -d example.com --preferred-challenges http  

If you want to install a single certificate that is valid for multiple domains or subdomains, you can pass them as additional parameters to the command. The first domain name in the list of parameters will be the base domain used by Let’s Encrypt to create the certificate, and for that reason we recommend that you pass the bare top-level domain name as first in the list, followed by any additional subdomains or aliases
$ sudo certbot --apache -d example.com -d www.example.com --preferred-challenges http  

Step 3: Renew the SSL certificate


Insert below command for renewing SSL certificate.
$ sudo certbot renew

Step 4: Auto-Renew the SSL certificate with a cronjob

Create a cronjob so the SSL certificate is renewed automatically. Run:
$ crontab -e  

and add the following line.
0 0 1 * * /usr/bin/certbot renew >> /var/log/letsencrypt-renew.log  

Save and close that file and restart cron service for the changes to take effect.
$ /sbin/service crond restart  

Open https://yourdomain.com in a web browser, and check whether Let’s Encrypt SSL is installed properly.