How to install Let’s Encrypt SSL Certs
Some of our websites are using free SSL certs provided by Let’s Encrypt.
e.g. https://solusvm.hostcentral.net
It provides a free solution to any service requiring SSL certificates. These SSL certs expire every 3 months but they can be easily renewed.
The below example is catered for solusvm.hostcentral.net in SG0742
1. Installation of Certbot
# yum install git -y # cd /root # git clone https://github.com/certbot/certbot
2. Generation of the SSL Cert
# cd /root/certbot # ./certbot-auto certonly --webroot -w /usr/local/solusvm/www -d solusvm.hostcentral.net
Note: the domain name needs to be publicly resolvable
3. Renewal of the SSL Cert
# cd /root/certbot # ./certbot-auto renew
4. Replacing the SSL Certs
# cd /etc/letsencrypt/live/solusvm.hostcentral.net # cat privkey.pem cert.pem > solusvm.pem cp /etc/letsencrypt/live/solusvm.hostcentral.net/solusvm.pem /usr/local/solusvm/ssl/cert.pem cp /etc/letsencrypt/live/solusvm.hostcentral.net/fullchain.pem /usr/local/svmstack/nginx/ssl/ssl.crt cp /etc/letsencrypt/live/solusvm.hostcentral.net/privkey.pem /usr/local/svmstack/nginx/ssl/ssl.key
service lighttpd restart service svmstack-nginx restart
If apache throws an error which being restarted, it means wrong files have been provided.
5. Verify the SSL Cert is Properly installed
