[email protected]

Installing SSL over Shell Access

we use Certbot ACME client to automate certificate issuance and installation with no downtime.

In Certbot choose the OS you are using and you will see Installation instrustions

or

 wget https://dl.eff.org/certbot-auto

when the package is downloaded type this command as a root or use sudo

Note: you need to enable port 443 to install SSL – check how to enable ports in centos

./certbot-auto

it will ask your email address and show you all the list of domains in your Virtural host, select the domain by number and it will install the certificate in your sites-available directory or in /etc/letsencrypt folder.

To config the SSL certificates manually if it is not done.

open ssl-conf file which is in /etc/http/conf.d/ – in centos

and find this section

and enable or type as below

SSLEngine on 
SSLCertificateFile /etc/letsencrypt/live/domainname.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domainname.com/privkey.pem

 Note: replace domainame.com with your domainame, you will find this cert.pem & privkey.pem in letsencrypt in live folder

save the file and restart your apache server.

open the browser and type your website with https://domainname.com

you have succesfully installted ssl now its time to renew your certificate every three months.
just add a cronjob to renew automatically every three months

run

./certbot-auto renew --dry-run

this will do test and show you results that every this command will work.

and add this command in crontab to run every three months

./certbot-auto renew

make sure the path of your certbot-auto is correct.