Let’s try the free SSL with Let’s Encrypt

The objective of Let’s Encrypt is to make it possible to set up an HTTPS server and have it automatically obtain a browser-trusted certificate, without any human intervention. This is accomplished by running a certificate management agent on the webserver.

To understand how the technology works, let’s walk through the process of setting up https://example.com/ with a certificate management agent that supports Let’s Encrypt.

There are two steps to this process. First, the agent proves to the CA that the web server controls a domain. Then, the agent can request, renew, and revoke certificates for that domain.

  1. SSH into your server.
  2. Download certbot (the Let’s Encrypt client need to install for renew and install ssl): **
wget https://dl.eff.org/certbot-auto** then **
chmod a+x certbot-auto**

3. Run certbot to fetch your certificates.follow the below code

sudo ./certbot-auto — debug -v — server https://acme-v01.api.letsencrypt...certonly -d YOUR_DOMAIN [Replace your Domain in YOUR_DOMAIN placeholde]

4. while generating it will ask you the recover or support email please add your email.

5. certbot will place your certs in the following paths…

Certificate:

 /etc/letsencrypt/live/YOUR_DOMAIN/cert.pem

Full Chain:

/etc/letsencrypt/live/YOUR_DOMAIN/fullchain.pem

Private Key:

/etc/letsencrypt/live/YOUR_DOMAIN/privkey.pem

6. Go to your apache config where you created a virtual host it can be either in httpd.conf or conf.d.

7. Add the virtual host for 443 port

<VirtualHost *:443>ServerAdmin ADMIN_EMAILServerName YOUR_DOMAINServerAlias www.YOUR_DOMAINDocumentRoot “YOUR FOLDER PATH”AllowEncodedSlashes OnErrorLog “/var/log/httpd/YOUR_DOMAIN_error.log”CustomLog “/var/log/httpd/YOUR_DOMAIN-sslaccess.log” common<Directory YOUR FOLDER PATH>DirectoryIndex index.phpOptions -IndexesAllowOverride All</Directory>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/YOUR_DOMAIN/cert.pemSSLCertificateKeyFile /etc/letsencrypt/live/YOUR_DOMAIN/privkey.pemSSLCertificateChainFile /etc/letsencrypt/live/YOUR_DOMAIN/fullchain.pem</VirtualHost>

I hope this will help you to get your SSL.please to let me know if you get any issue and I will also help you to set up the cron for SSL generation if you need it.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Ranbir Kumar Das

Ranbir Kumar Das

260 Followers

I M Believer, Helper, Chaser, Thinker, Rich, Explorer, Prayer, Boss, Freedom, Fearless, Investor, Faith, Creator, trillionaire, CSM, Salesforce certified