Easiest way to install letsencrypt on Linux
source link: https://computingforgeeks.com/easiest-way-install-letsencrypt-linux/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Install Letsencrypt on Linux: Today i would like to show you the easiest and quickest way to install Letsencrypt on Linux. The process involve few steps and is really automated. The aim here is to use certbot bootstrap script by EFF to request for SSL certificate for your website from Let’s Encrypt.
Certbot is an easy-to-use client that fetches a certificate from Let’s Encrypt-an open certificate authority launched by the EFF, Mozilla, and others and deploys it to a web server.
Below are the steps to follow:
- Download certbot-auto script
wget https://dl.eff.org/certbot-auto -P /usr/local/bin
Make the script executable:
chmod a+x /usr/local/bin/certbot-auto
Before you can request for ssl certificate, open port 443 on firewall, This demonstration assumes you are running CentOS 7.x whose firewall system is firewalld. If you have other systems like Ubuntu or Debian, firewall system might be different.
firewall-cmd --add-service https --permanent firewall-cmd --reload
Now request for ssl certificate:
certbot-auto certonly -d mydomain.com -d www.mydomain.com
As you make first request, the script will install required packages/dependencies and setup virtual environment.
Note that you need active dns A record for the domain specified. For www.mydomain.com, this can be a CNAME record.
Answer few questions on the prompt and in no a time you have your ssl certificate and private key. Default location for this is: /etc/letsencrypt/live
Renewing certs
certbot-auto --renew
Automated renewal using –pre-hook and –post-hook
- For nginx # /usr/local/bin/certbot-auto renew --pre-hook "service nginx stop" \ --post-hook "service nginx start" - For apache # /usr/local/bin/certbot-auto renew --pre-hook "systemctl stop apache2" \ --post-hook "systemctl start apache2"
To force manual renewal:
certbot renew --force-renewal
If you would like to use cron jobs, your crontab should have a line similar to one below:
15 3 * * * usr/local/bin/certbot-auto renew --pre-hook "service nginx stop" --post-hook "service nginx start"
Recommend
-
16
The Easiest Way to Monitor Node.js: Automatic Instrumentation Milica Maksimović, Adam Yeats on Dec 8, 2020 “I absolutely love AppSignal.”
-
9
Popular DatabasesDatabase with all the continents, countries, states and cities of the world. This directory contains all 7 continents, 250 countries, 4k subdivisions (provinces, states, etc) and more than 127k thousand cities. All...
-
12
The Easiest Way to Update Spyder to the Latest VersionUpdate Python Environments in 1 min with Conda.
-
12
Setting up a proper monitoring overview over your application’s performance is a complex task. Normally, you’d first need to figure out what you need to monitor, then instrument your code, and finally make sense of all the data that has been...
-
13
The Easiest Way to Debug Kubernetes Workloads Debugging containerized workloads and Pods is a daily task for every developer and DevOps engineer that works with Kubernetes. Oftentimes simple kubectl logs or ...
-
16
In this guide, we will cover the installation and configuration of LibreNMS on CentOS 7 server with Nginx and optional Letsencrypt SSL certificate for security.What is LibreNMS?LibreNMS is a community-based GPL-licensed auto-d...
-
17
Easiest way to install GNS3 1.3.9 on Kali Linux 2.0,Debian 8 and Ubuntu 15.04Gns3 1.3.9 was released which fixes 3 major problems found in version 1.3.8:Fixes launch crash on Windows 32-bit.Catch exception when trying to...
-
16
Install Rocket.Chat on Ubuntu 16.04 with Nginx and LetsencryptHello good people. This guide aims at taking you through the steps to install Rocket.Chat on Ubuntu 16.04. Rocket.Chat is an open-source messaging application built with
-
3
Easiest way to install git flow on Mac OS XMay 02, 2012 · 1 min read · Edit on GitHub
-
8
I've been riding the learn (build) in public wave for the past month. Here's what I've been doing: I code or learn for an hour Report my progress on
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK