Let's Encrypt: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 29: Line 29:
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
</syntaxhighlight>
</syntaxhighlight>
Get and install certificates:
<syntaxhighlight lang='bash'>
sudo certbot --apache
</syntaxhighlight>
Changes:
* /etc/httpd/conf/httpd.conf
* /etc/httpd/conf.d/ssl.conf
Debug log: <code>/var/log/letsencrypt/letsencrypt.log</code>.


==Wildcard Certificate Installation Procedure==
==Wildcard Certificate Installation Procedure==

Revision as of 01:07, 18 November 2021

Internal

Overview

Let's Encrypt provides free SSL certificates for web sites. The installation of those certificates is performed with certbot, as described in the Procedure section below.

Procedure

Default Certificate Installation Procedure

Prerequisites:

  • ssh access to the machine running the httpd server
  • sudo privileges

ssh into the server.

Install and/or update snapd following these instructions:

snapd Installation

Remove certbot-auto and any Certbot OS packages. If there are any Certbot packages installed with an OS package manager like apt, dnf, or yum, they should be removed before installing the Certbot snap to ensure that when you run the command certbot the snap is used rather than the installation from your OS package manager:

sudo yum remove certbot

Install certbot with snap. As root:

sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot

Get and install certificates:

sudo certbot --apache

Changes:

  • /etc/httpd/conf/httpd.conf
  • /etc/httpd/conf.d/ssl.conf

Debug log: /var/log/letsencrypt/letsencrypt.log.

Wildcard Certificate Installation Procedure