In this article, we will have explained the necessary steps to secure Apache with let’s encrypt on CentOS 8. Before continuing with this tutorial, make sure you are logged in as a user with sudo privileges. All the commands in this tutorial should be run as a non-root user.
Let’s Encrypt is a certificate authority that provides free SSL certificates for the website, operating since April 2016, and supported by companies and internet organizations of the world such as Mozilla, Cisco, Chrome, Akamai, etc.
Secure Apache with Let’s Encrypt on CentOS 8
Step 1. The first command will update the package lists to ensure you get the latest version and dependencies.
Before install the Let’s Encrypt SSL domain should be well accessed and use the Apache virtual host. Read the tutorial how to Install Apache on CentOS 8.
Step 2. Install Certbot.
Certbot is a free command-line tool that simplifies the process for obtaining and renewing Let’s Encrypt SSL certificates from and auto-enabling HTTPS on your server:
Then, run this command to get a certificate and have Certbot edit your Apache configuration automatically to serve it, turning on HTTPS access in a single step:
Step 3. Set up automatic renewal let’s encrypt.
The SSL certificate is only valid for 90 days, for the certificate update run renew:
echo"0 0,12 * * * root python -c 'import random; import time; time.sleep(random.random() * 3600)' && /usr/local/bin/certbot-auto renew"|sudotee-a/etc/crontab>/dev/null
Step 4. Checking your Certificate Status.
You can ensure that Certbot created your SSL certificate correctly by using the SSL Server Test from the cloud security company Qualys. Open the following link in your preferred web browser, replacing
example.com with your base domain:
Congratulation, you have learned how to secure Apache with let’s encrypt on CentOS 8. If you have any question, please leave a comment below.