DTT

How to set up Lets Encrypt on CentOS 7

Published: August 31, 2017 (Updated: Aug 31, 2017)
#Apache #CentOS #Let's Encrypt

Enjoying this content? Subscribe to the Channel!

Secure Your Website for FREE: Get HTTPS with Let’s Encrypt on CentOS and Apache

Hey Tech Fans! Darren here, and today we are tackling one of the most critical steps in web hosting: security.

If your website is still running on the old, unsecured HTTP protocol, you are losing trust, damaging your SEO, and exposing your users. The good news? Securing your site with HTTPS is now completely free and straightforward, thanks to the amazing open-source project, Let’s Encrypt.

In this detailed tutorial, we’re walking through the process of installing a free SSL certificate on your CentOS server using the Apache web server and the incredibly efficient Certbot utility.

Ready to lock down your site? Let’s dive in!

🎁 Exclusive Freebie Alert!

Before we start, grab my comprehensive Free Linux Cheat Sheet to keep all your essential commands handy: http://eepurl.com/dkRNM9

Prerequisites: What You Need

To follow this guide successfully, you must have the following running on your system. We’ll be executing these steps directly from the command line on CentOS.

  1. CentOS Installed: Our base operating system.
  2. Apache Installed: The web server handling your traffic.
  3. Virtual Hosts Configured: If you are running multiple sites on one server, virtual hosts are essential.

If you need help getting started, check out my other tutorials:

Step 1: Install the EPEL Repository

Let’s Encrypt’s primary tool, Certbot, is usually found in the Extra Packages for Enterprise Linux (EPEL) repository. This is an essential step to ensure we can fetch the necessary packages easily.

Type the following command and press Enter:

sudo yum install EPEL-release

You may be prompted for your password and to confirm the installation by typing Y.

Step 2: Install Essential Apache and SSL Packages

Now that EPEL is available, we can install the components needed for secure communication and the Certbot client that integrates directly with Apache.

We need three main components: httpd (Apache, often already installed), mod_ssl (the module that allows Apache to handle SSL), and python-certbot-apache (the Certbot client designed for Apache configuration).

Execute this command:

sudo yum install httpd mod_ssl python-certbot-apache

Again, confirm the download and installation by typing Y when prompted. Wait for the process to complete.

Pro Tip: If your screen is getting cluttered, just type clear and press Enter to start fresh!

Step 3: Run Certbot and Generate the Free SSL Certificate

This is the magic step! We will now run the Certbot utility. Certbot automatically contacts Let’s Encrypt, verifies that you own the domain, generates the certificate files, and configures your Apache settings to use them.

You will need to replace yourdomain.com with the actual domain name you set up in your Apache Virtual Host configuration.

Use the following format:

sudo certbot --apache -d yourdomain.com

What Happens Next?

Certbot will begin its automated process:

  1. Verification: It obtains a new certificate and verifies that the domain name points back to this specific server.

  2. Key Generation: It generates the secure keys needed for encryption.

  3. Configuration Prompt (Crucial!): Certbot will ask you how you want to handle existing HTTP traffic:

    • 1: No Redirect: Keeps both HTTP and HTTPS active.
    • 2: Redirect: Forces all unsecured HTTP traffic to automatically redirect to the secure HTTPS version (Highly Recommended!).

    We want maximum security and SEO benefit, so type 2 and press Enter.

Step 4: Finalize Configuration and Restart Apache

Once Certbot finishes, it updates your virtual host configuration file automatically, adding the necessary lines for the SSL certificate and the secure redirection.

Although Certbot often attempts a restart automatically, it’s always best practice to perform a clean restart of the Apache service to ensure the new configuration is fully loaded.

Use the following command:

sudo systemctl restart httpd

Check Your Work!

Open your web browser and navigate to your domain, but this time, just type in the standard HTTP address (e.g., http://yourdomain.com).

You should immediately see the site redirect to https://yourdomain.com, and you should see the padlock icon indicating a secure connection! Congratulations, your site is now secure and running HTTPS, all thanks to Let’s Encrypt and Certbot.

Summary: Security Achieved!

You have successfully upgraded your CentOS server and secured your website with a free, professional SSL certificate. This is a game-changer for user trust and search engine ranking.

Remember, Let’s Encrypt certificates are valid for 90 days, but Certbot automatically sets up a cron job to handle automatic renewal for you, so you don’t have to worry about manually updating it!

If you ran into any issues or have questions, drop a comment below—I’m happy to help if I can!

If you found this tutorial helpful, be sure to hit that like button and subscribe to Darren’s Tech Tutorials for more practical, clear tech guides. Happy hosting!