Install free SSL Certificates
Installing SSL over Shell Access
we use Certbot ACME client to automate certificate issuance and installation with no downtime.
In Certbot choose the OS you are using and you will see Installation instrustions
or
wget https://dl.eff.org/certbot-auto
when the package is downloaded type this command as a root or use sudo
Note: you need to enable port 443 to install SSL – check how to enable ports in centos
./certbot-auto
it will ask your email address and show you all the list of domains in your Virtural host, select the domain by number and it will install the certificate in your sites-available directory or in /etc/letsencrypt folder.
To config the SSL certificates manually if it is not done.
open ssl-conf file which is in /etc/http/conf.d/ – in centos
and find this section
and enable or type as below
SSLEngine on SSLCertificateFile /etc/letsencrypt/live/domainname.com/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/domainname.com/privkey.pem
Note: replace domainame.com with your domainame, you will find this cert.pem & privkey.pem in letsencrypt in live folder
save the file and restart your apache server.
open the browser and type your website with https://domainname.com
you have succesfully installted ssl now its time to renew your certificate every three months.
just add a cronjob to renew automatically every three months
run
./certbot-auto renew --dry-run
this will do test and show you results that every this command will work.
and add this command in crontab to run every three months
./certbot-auto renew
make sure the path of your certbot-auto is correct.