How to Setup Let's Encrypt SSL with Apache on CentOS 7 / RHEL 7

How to Setup Let’s Encrypt SSL with Apache on CentOS 7 / RHEL 7 / SL 7 / OL 7 . The Let’s Encrypt is a free SSL Certificate provider and its is founded by the non profit organization “ISRG”. Most important thing it s provided you free without any cost. After adding this SSL certificates now your websites are on HTTPS protocol. This certificates make the web secure by providing the FREE SSL certificates for your websites. To implement these SSL certificates consider to follow all the steps in this tutorial.

How to Setup Let’s Encrypt SSL with Apache on EL7

Step-1 (Install the Apache Web Server)

How to Install Apache Web Server is Shown in given tutorial.

Step-2 (Add your FQDN and Server IP Address)
[[email protected] ~]# vim /etc/hosts

Edit the lines With your FQDN & IP Address

127.0.0.1 techbrown.com
::1 techbrown.com
Step-3 (Configure the Apache Configuration File)
[[email protected] ~]# vim /etc/httpd/conf/httpd.conf

Add the given line to the last line of configuration file

IncludeOptional setup/*.conf
Step-4 (Add Virtual Host on Apache Web Server)

Create a Directory

[[email protected] ~]# mkdir /etc/httpd/setup

Add the Virtual host

[[email protected] ~]# vim /etc/httpd/setup/techbrown.com.conf

Add the given line to the configuration file

<VirtualHost *:80>
ServerName techbrown.com
ServerAlias techbrown.com
DocumentRoot /var/www/
</VirtualHost>
Step-5 (Restart the Apache Services)
[[email protected] ~]# systemctl restart httpd
Step-6 (Enable the EPEL Repository)
[[email protected] ~]# wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
[[email protected] ~]# rpm -ivh epel-release-latest-7.noarch.rpm
Step-7 (Install the Pre dependencies required during installations)
[[email protected] ~]# yum install git python-pip
Step-8 (Generate the Free SSL certificates using Let’s Encrypt)

Clone the Let’s Encrypt Source code from GITHUB

[[email protected] ~]# git clone https://github.com/letsencrypt/letsencrypt

Chand the Directory to let’s encrypt Directory

[[email protected] ~]# cd letsencrypt/

Note: Before Starting Setup Please add your domain name with correct IP address on your DNS A records using your domain DNS address dashboard and also check the ports 443 and 80 ports are allowed (in white list) by your firewall.

[[email protected] ~]# ./letsencrypt-auto --apache -d techbrown.com --verbose
Add your Email ID for recovering the lost keys.

lets1

Accept the Terms of Service.

lets2

After that follow the steps on your nag screen to complete the let’s encrypt congratulation screen.

Step-9 (After Successfully generated SSL certificates add those to the Apache Virtual host configuration file)
[[email protected] ~]# vim /etc/httpd/setup/techbrown.com.conf

Add the given line to the last line of configuration file

<VirtualHost *:443>
ServerName techbrown.com
ServerAlias techbrown.com
DocumentRoot /var/www/
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/techbrown.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/techbrown.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/techbrown.com/chain.pem
</VirtualHost>
Step-10 (Add the SSL certificates to the Apache SSL configuration file)
[[email protected] ~]# vim /etc/httpd/conf.d/ssl.conf

Add the given line to the last line of configuration file

SSLCertificateFile /etc/letsencrypt/live/techbrown.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/techbrown.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/techbrown.com/chain.pem
Step-11 (Check the Virtual host generated by the Let’s Encrypt)
[[email protected] ~]# cat /etc/httpd/conf.d/vhost-techbrown.com-le-ssl.conf
Step-12 (Finally Restart the Apache Services)
[[email protected] ~]# systemctl restart httpd
Step-13 (Renew your Let’s encrypt before completion of 90 days)

The SSL certificates are valid for 90 days after that you need to renew them by running the given scripts

[[email protected] ~]# ./letsencrypt-auto renew
Step-14 (You can check the HTTPS Web Site for your domain SSL configuration)

https://www.ssllabs.com/ssltest/analyze.html

lets7

For more info you can visit Let’s Encrypt official Web Site.

Final Words

Congratulation now you have generated the Let’s Encrypt SSL certificated and apply successfully to your domain to make your website safer by adding HTTPS protocol using Let’s Encrypt FREE SSL certificates.

Hot Right Now

Related Post

COMMENTS