How to install let’s Encrypt SSL on CentOS 7

#Introduction

In this tutorial, How to install Let’s Encrypt SSL on CentOS 7. Let’s Encrypt is a free, automated TLS/SSL certificate web server. In the previous post, I have installed Let’s Encrypt SSL on Centos 6 here.

Prerequisite

yum install -y epel-release mod_ssl

How to install Let’s Encrypt SSL on CentOS 7

yum install -y certbot

Generate a SSL certificate

sudo certbot certonly \
--manual \
--agree-tos \
--preferred-challenges=dns \
--server https://acme-v02.api.letsencrypt.org/directory \
--email huupv@devopsroles.com \
--domains devopsroles.com

Certificated will be available under the folder: /etc/letsencrypt/live/devopsroles.com

/etc/letsencrypt/live/devopsroles.com/fullchain.pem
/etc/letsencrypt/live/devopsroles.com/privkey.pem

Create SystemD service for certbot.service. New file /etc/systemd/system/certbot.service

[Unit]
Description=Renew Let's Encrypt certificates
After=network-online.target

[Service]
Type=oneshot
ExecStart=/usr/bin/certbot renew --renew-hook "/bin/systemctl --no-block reload nginx" --quiet --agree-tos

Create SystemD service for certbot.timer. New file /etc/systemd/system/certbot.timer

[Unit]
Description=Daily renewal of Let's Encrypt's certificates

[Timer]
OnCalendar=daily
RandomizedDelaySec=1day
Persistent=true

[Install]
WantedBy=timers.target

Start and enable certbot.timer

systemctl daemon-reload
systemctl start certbot.timer
systemctl enable certbot.timer

List service certbot timer as follow

systemctl list-timers certbot.timer

Conclusion

You have installed Let’s Encrypt SSL on CentOS 7. I hope will this your helpful. Thank you for reading the DevopsRoles page!

About HuuPV

My name is Huu. I love technology, especially Devops Skill such as Docker, vagrant, git, and so forth. I like open-sources, so I created DevopsRoles.com to share the knowledge I have acquired. My Job: IT system administrator. Hobbies: summoners war game, gossip.
View all posts by HuuPV →

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.