Get let’s encrypt ssl on centOS 8; Through this tutorial, we will learn how to install and configure let’s encrypt ssl on centOS 8.
To enable HTTPS/TLS in any website and mail server, ssl certificate has to be installed. Let’s encrypt has to be installed and configured to use https and talas for free. In this tutorial, we will learn how to install and configure SSL Certificate Lets Encrypt for free. So that https and tls can be enabled in our web server and mail server
How to Get Let’s Encrypt SSL on CentOS 8
Follow the following steps to install and configure let’s encrypt ssl on centOS 8:
- Step 1 – Install snapd
- Step 2 – Start and Enable snapd
- Step 3 – Create Symbolic Link
- Step 4 – Install Certbot
- Step 5 – Get an SSL certificate Let’s Encrypt
- Step 6 – Wildcard SSL certificate and DNS challenge
- Step 7 – Automatic certificate renewal
Step 1 – Install snapd
First of all, open terminal and execute the following command on terminal to install snapd in centos:
dnf install epel-release; dnf install snapd
Step 2 – Start and Enable snapd
Then execute the following command on terminal to start and enable it:
systemctl enable --now snapd.socket
Step 3 – Create Symbolic Link
Now, execute the following command on terminal to create the following symbolic link to enable classic snap support:
ln -s /var/lib/snapd/snap /snap
After that reboot system by executing the following command on terminal:
reboot
Make sure that the latest version is installed:
snap install core; snap refresh core
Step 4 – Install Certbot
If there is no Certbot on centos system by executing the following command on terminal:
dnf remove certbot
Now, execute the following command on terminal to Install Cerbot:
snap install --classic certbot
Add the following symbolic link to ensure successful launch of Certbot.
ln -s /snap/bin/certbot /usr/bin/certbot
Step 5 – Get an SSL certificate Let’s Encrypt
If we don’t have any web server running, then execute the following command on terminal and follow the instructions:
certbot certonly --standalone
It uses the HTTP port to check the response when accessing the domain name. If our web server is already running and you don’t want to stop it, use the following one. WE will be asked to enter the domain name and its webroot to confirm your rights to it.
certbot certonly --webroot
Step 6 – Wildcard SSL certificate and DNS challenge
Another way to verify our rights to a domain name and its servers is through a DNS challenge. And this is the only way to get a wildcard SSL certificate. We must have access to manage the DNS records of our site. Use this command and follow the instructions:
certbot certonly --manual --preferred-challenges dns -d domain-name.com -d *.domain-name.com
Step 7 – Automatic certificate renewal
During the installation of Certobot, automatic certificate updates are configured. It is a timer that will check the certificates that will expire soon in the system and update them. To see if it’s configured, look here:
systemctl list-timers | grep certbot
If we see no output, we can check here:
cat /etc/crontab
cat /etc/cron.*/*
To check the automatic renewal process by executing the following command on terminal:
certbot renew --dry-run
Conclusion
Get let’s encrypt SSL on centOS 8; Through this tutorial, we have learned how to install and configure let’s encrypt SSL on centOS 8.
