How to Install Let’s Encrypt SSL Certificate to Secure Apache on RHEL/CentOS 7/6

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.95/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Matei Cezar

I'am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

9 Responses

  1. Kris Hayes says:

    Hey, thanks for the tutorial, everything seams to have installed fine however I get a privacy error on Chrome when I try and access my site on https. Is there something I’ve missed?

  2. Indi says:

    Thanks for the great article. Worked flawlessly with the first domain I tried. However I came up with a problem when I went to do it for another domain on my VPS. Substep 10 (where you are asked for which vhost), I get a warning msg ‘note: conf files with multiple vhosts are not yet supported’. Is there any way around this?

    • Matei Cezar says:

      You can try to split the configuration files for each vhost. Create one .conf file file for each domain and one for each port 80 and port 443 .

  3. Neil Edwards says:

    Great article, thank you!!

    I have a small question regarding sub-step 19 where it says “Use your domain name as a positional parameter for the script.”. If you originally requested the certificate for multiple sub domains in sub-step 7 (ie. -d sub1.domain.com -d sub2.domain.com), would you declare those multiple domains as your positional parameter, or would you have to schedule two separate cron jobs to renew each sub domain? or do you just declare one sub domain and it knows to renew that cert with the Subject Alt Names?

  4. nda888 says:

    Hi,

    I followed the guide and finished the setup

    but unfortunately ,

    https://www.ssllabs.com/ssltest/analyze.html?d=abc.gkxim.com#whyNotTrusted

    ssllabs alert “This server’s certificate is not trusted”

    I deploy on AWS

    Please help

    Thanks,
    An,

    • Matei Cezar says:

      From the link it seems there is a problem with your server FQDN and certificate Common Name value. Try to generate a new certificate and make sure your server FQDN has the same value for certificate’s Common Name. Also, seems to me that your web server is behind a firewall: ip-10-145-137-246 MISMATCH.

  5. Kicko says:

    Great, thank you… but you missed your_domain.tld in the cronjob. Correct:

    0 1 1 */2 * /usr/local/bin/le-renew-centos your_domain.tld >> /var/log/your_domain.tld-renew.log 2>&1

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *