The Let’s Encrypt is a free SSL Certificate provider and its is founded by the non profit organization “ISRG”. Most important thing it s provided you free without any cost. After adding this SSL certificates now your websites are on HTTPS protocol.
This certificates make the web secure by providing the FREE SSL certificates for your websites. To implement these SSL certificates consider to follow all the steps in this tutorial.
Step-1 (Install the Apache Web Server)
Install Apache Web Server using DNF package installer
# dnf install httpd*
Start the httpd service
# systemctl start httpd
Enable the httpd service during boot time.
# systemctl enable httpd
Add your FQDN and Server IP Address
# vim /etc/hosts
Edit the lines With your FQDN & IP Address
127.0.0.1 techbrown.com
::1 techbrown.com
Step-2 (Configure the Apache Configuration File)
# vim /etc/httpd/conf/httpd.conf
Add the given line
IncludeOptional setup/*.conf
Add Virtual Host on Apache Web Server
Create a Directory
# mkdir /etc/httpd/setup
Add the Virtual host
# vim /etc/httpd/setup/techbrown.com.conf
Add the given line to the configuration file
<VirtualHost *:80>
ServerName techbrown.com
ServerAlias techbrown.com
DocumentRoot /var/www/
</VirtualHost>
Restart the Apache Services
# systemctl restart httpd
Enable the EPEL Repository
# wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
# rpm -ivh epel-release-latest-8.noarch.rpm
Install the Pre dependencies required during installations
# dnf install git python-pip
Step-3 (Generate the Free SSL certificates using Let’s Encrypt)
Clone the Let’s Encrypt Source code from GITHUB
# git clone https://github.com/letsencrypt/letsencrypt
Change the Directory to let’s encrypt Directory
# cd letsencrypt/
Note: Before Starting Setup Please add your domain name with correct IP address on your DNS A records using your domain DNS address dashboard and also check the ports 443 and 80 ports are allowed (in white list) by your firewall.
# ./letsencrypt-auto --apache -d techbrown.com --verbose
Add your Email ID for recovering the lost keys.
Accept the Terms of Service.
After that follow the steps on your nag screen to complete the let’s encrypt congratulation screen.
Step-4 (After Successfully generated SSL certificates add those to the Apache Virtual host configuration file)
# vim /etc/httpd/setup/techbrown.com.conf
Add the given line to the last line of configuration file
<VirtualHost *:443>
ServerName techbrown.com
ServerAlias techbrown.com
DocumentRoot /var/www/
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/techbrown.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/techbrown.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/techbrown.com/chain.pem
</VirtualHost>
Edit Apache SSL configuration file
# vim /etc/httpd/conf.d/ssl.conf
Add these
SSLCertificateFile /etc/letsencrypt/live/techbrown.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/techbrown.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/techbrown.com/chain.pem
Check the Virtual host generated by the Let’s Encrypt
# cat /etc/httpd/conf.d/vhost-techbrown.com-le-ssl.conf
Finally Restart the Apache Services
# systemctl restart httpd
Step-5 (Renew your Let’s encrypt before completion of 90 days)
The SSL certificates are valid for 90 days after that you need to renew them by running the given scripts
# ./letsencrypt-auto renew
You can check the HTTPS Web Site for your domain SSL configuration
https://www.ssllabs.com/ssltest/analyze.html
For more info you can visit Let’s Encrypt official Web Site.
Congratulations now you have configured Lets Encrypt SSL with Apache on your Alma / Rocky / Amazon Linux.
