How to install let’s Encrypt SSL on CentOS 7

#Introduction

In this tutorial, How to install Let’s Encrypt SSL on CentOS 7. Let’s Encrypt is a free, automated TLS/SSL certificate web server. In the previous post, I have installed Let’s Encrypt SSL on Centos 6 here.

Prerequisite

yum install -y epel-release mod_ssl

How to install Let’s Encrypt SSL on CentOS 7

yum install -y certbot

Generate a SSL certificate

sudo certbot certonly \
--manual \
--agree-tos \
--preferred-challenges=dns \
--server https://acme-v02.api.letsencrypt.org/directory \
--email huupv@devopsroles.com \
--domains devopsroles.com

Certificated will be available under the folder: /etc/letsencrypt/live/devopsroles.com

/etc/letsencrypt/live/devopsroles.com/fullchain.pem
/etc/letsencrypt/live/devopsroles.com/privkey.pem

Create SystemD service for certbot.service. New file /etc/systemd/system/certbot.service

[Unit]
Description=Renew Let's Encrypt certificates
After=network-online.target

[Service]
Type=oneshot
ExecStart=/usr/bin/certbot renew --renew-hook "/bin/systemctl --no-block reload nginx" --quiet --agree-tos

Create SystemD service for certbot.timer. New file /etc/systemd/system/certbot.timer

[Unit]
Description=Daily renewal of Let's Encrypt's certificates

[Timer]
OnCalendar=daily
RandomizedDelaySec=1day
Persistent=true

[Install]
WantedBy=timers.target

Start and enable certbot.timer

systemctl daemon-reload
systemctl start certbot.timer
systemctl enable certbot.timer

List service certbot timer as follow

systemctl list-timers certbot.timer

Conclusion

You have installed Let’s Encrypt SSL on CentOS 7. I hope will this your helpful. Thank you for reading the DevopsRoles page!