How to Install CertBot SSL Certificate to Secure Nginx/Apache on RHEL/CentOS 7
CertBot gives a simple method to get and introduce free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. Let’s Encrypt improves your site security through encryption, even on the most essential servers, can build your visitor’s trust in your site and your capacity to run it.
This article will help you to install Let’s Encrypt SSL Certificate to Secure Nginx/Apache on RHEL/CentOS.
Before starting work on this task, I assume you already have:
- Running Ubuntu system with sudo privileges shell access.
- A domain name registered and pointed to your server’s public IP address. For this tutorial, we use srv.techoism.com, which is pointed to our server.
- Running web server with VirtualHost configured for srv.techoism.com on Port 80.
- HOW TO INSTALL LET’S ENCRYPT SSL CERTIFICATE TO SECURE APACHE/NGINX ON RHEL/CENTOS 6
- HOW TO INSTALL AN SSL CERTIFICATE ON UBUNTU FOR NGINX
- HOW TO ENABLE TLS VERSION IN MOD_SSL ON APACHE WEBSERVER
- HOW TO GENERATE SSL CERTIFICATE SIGNING REQUEST (CSR) IN LINUX
- ENCRYPT MESSAGES & FILES USING OPENSSL ON LINUX
- SSL V3 (POODLE) VULNERABILITY: APACHE
- SSL V3 (POODLE) VULNERABILITY: NGINX
Step 1: Prerequisite
Install the required web server If it is not installed, you can use mention command to install a webserver.
# yum install nginx
# yum install httpd mod_ssl
The easy way to install CertBot you need to install EPEL repository on the server.
# yum install epel-release
Step 2: Start Web Server
Finally, you can start a web server with the following command:
# systemctl start nginx.service
# systemctl start httpd.service
Step 3: Install CertBot SSL Certificate
After installing all the required dependencies now you can install the CertBot SSL certificates using the following command:
# yum install certbot python-certbot-nginx
# yum install certbot python2-certbot-apache
Step 4: Configure Certificate
To obtain the SSL Certificate, we need to run Let’s Encrypt script command. Use-mention command to install the SSL certificates.
# certbot --nginx -d srv.techoism.com
# certbot --apache -d srv.techoism.com
Enter the email address which is used by Let’s Encrypt to recover your lost key.
Agree on the license terms by typing “A” and then hit Enter.
If you want to share your email address with the Electronic Frontier Foundation to receive email’s like EFF News, campaigns etc, then press Y else press N and hit Enter.
Please choose whether or not to redirect HTTP traffic to HTTPS and hit enter.
If everything went smooth then you will receive congratulation message with all the required information.
Step 5: Verify Free Let’s Encrypt Encryption
Now you are ready to verify the Let’s Encrypt certificates using mention URL.
Step 6: Access URL
You can access your website to test that HTTPS is properly working or not.
Reference: CertBot Official Website