1. Import your SSL to the server through FTP and unzip them in a particular directory, If you don’t have SSL you can generate Let’s Encrypt free SSL by following the below steps.
install the git package:
sudo apt-get install git
sudo yum install git
Clone a Let’s Encrypt repository from Github Official Repository
sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
Navigate to the clone directory
sudo cd /opt/letsencrypt
Run Let’s Encrypt with the –standalone parameter. For each additional domain name requiring a certificate, add -d example.com to the end of the command. Kindly change the domain name.
sudo -H ./letsencrypt-auto certonly --standalone -d cyberbuddy.in -d www.cyberbuddy.in
When prompted Agree to the Terms by pressing “A” and Type “N” for the second step.
After this SSL will generate if all goes well you will get the below output
IMPORTANT NOTES:
– Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/cyberbuddy.in/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/cyberbuddy.in/privkey.pem
Your cert will expire on 2020-11-08. To obtain a new or tweaked
version of this certificate in the future, simply run
letsencrypt-auto again. To non-interactively renew *all* of your
certificates, run “letsencrypt-auto renew”
– If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
2. Enable mod_ssl for Apache
sudo a2enmod rewrite && sudo service apache2 restart
sudo yum install mod_ssl -y && sudo systemctl restart httpd
3. Create VirtualHost Configuration for HTTPS, Kindly change the domain name.
<virtualhost *:443> ServerName cyberbuddy.in ServerAlias www.cyberbuddy.in Documentroot /var/www/cyberbuddy.in SSLEngine on SSLCertificateFile /etc/letsencrypt/live/cyberbuddy.in/primary.crt SSLCertificateKeyFile /etc/letsencrypt/live/cyberbuddy.in/private.key SSLCertificateChainFile /etc/letsencrypt/live/cyberbuddy.in/intermediate.crt <Directory "/var/www/cyberbuddy.in">
AllowOverride All
Allow from all
</Directory>
</virtualhost>
4. Then First, run the following command to check your Apache configuration file for errors
sudo apachectl configtest && sudo service apache2 restart
sudo httpd -t && sudo service apache2 restart
5. Confirm that the above commands returns a Syntax OK response. If it does not, review your configuration files.
6. After confirming a Syntax OK response, restart the apache by below commands
service apache2 restart
service httpd restart
7. Verify your SSL installation through SSL Checker Website
8. Automatically Renew SSL Certificates (Optional)
You can add cron job to keep the ssl/letsencrypt-auto clinet up to date, follow below steps.
sudo crontab -e
0 0 1 * * /opt/letsencrypt/letsencrypt-auto renew
0 0 1 * * cd /opt/letsencrypt && git pull
Vikas Kumar
Awesome, Keep Learning & Sharing
Nitin
very helpful 🙂