Let’s Encrypt is an open Certificate Authority (CA) that offers free TLS/SSL certificates. Let’s Encrypt allow you to you set up a free SSL certificate on your web server. It is developed by the Internet Security Research Group (ISRG). In simple words, we can say Let’s Encrypt certificates are used to encrypt the communication of server and client.
In this tutorial, we will learn how to obtain and install the Let’s Encrypt SSL certificate with the Nginx web server.
- Server with CentOS 7 Operating system.
- Root user or another user with Sudo privilege.
- Nginx web server must be in the running state.
- You need to have a registered domain name for which you wish to issue the new Let’s Encrypt SSL certificate.
- Add DNS records for the Domain. Without DNS records, certbot will not able to verify the domain.
Install the Certbot
- Install the EPEL repository for package installation.
sudo yum install epel-release -y
- Now install the certbot-nginx package.
sudo yum install certbot-nginx -y
- Now check the status of the Nginx Web server.
sudo systemctl status nginx
Obtain the Certificate
- To request the SSL certificate, run the following command.
sudo certbot --nginx -d example.com -d www.example.com
For the first time, It will ask for a mail. Enter the mail ID and accept the terms and conditions. After obtaining the SSL certificate, it will show an output like this.
Setting Up Auto Renewal
Certificates issued by the let’s encrypt are only valid for 90 days. After that it got expired then we need to reissue the SSL certificated again with the certbot command. To avoid this, we can set up auto-renewal of SSL. To set auto-renewal, use the following command.
To set auto-renewal, we need to set a cron in crontab.
- To open the Crontab, run the following command.
sudo crontab -e
- Enter the following data in crontab.
0 0 1 */2 * /usr/bin/certbot renew --quiet
In this tutorial, we have learned about the Let’s Encrypt client certbot, and how we can use certbot to obtain and install the Free SSL on our domain in CentOS 7 with the Nginx web server.
If you guys have any queries related to this tutorial then let me know in the comments section.