Last active
September 11, 2021 14:25
-
-
Save BenMorel/7be15deab9f2532ff52f57fd209a7cc1 to your computer and use it in GitHub Desktop.
Set up letsencrypt certificate with Apache and renew automatically
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Note: this must be executed on the server hosting the domain name! | |
| # Install required packages on RHEL / Fedora: | |
| # EPEL might be required on RHEL: https://fedoraproject.org/wiki/EPEL | |
| sudo yum install -y certbot python3-certbot-apache | |
| # Set up letsencrypt: validates the domain, generates a certificate, and updates Apache config | |
| # Replace example.tld with your domain name | |
| # Add multiple -d if you need to support multiple domains | |
| sudo certbot --apache -d example.tld -d example2.tld |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Run every day; will only renew when necessary | |
| # Note: this is using the standalone challenge, and requires to briefly stop Apache to make port 80 available; | |
| # there are better challenges than this one. Only use on low traffic times (at night). | |
| systemctl stop httpd | |
| certbot renew | |
| systemctl start httpd |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment