×

This article covers how you can configure an Nginx server block and secure your web server using Let's Encrypt SSL. In fact, Let’s Encrypt SSL certificate is a digital certificate provided by Let’s Encrypt CA ( Certificate Authority) to secure a web server.


How to Install Certbot on your RHEL-based distros / Linux system ?

1. First, install the EPEL repository which provides additional and high-quality packages for RHEL-based distros:

$ sudo dnf install -y epel-release

2. Once installed, install certbot and certbot module for Nginx:

$ sudo dnf install certbot python3-certbot-nginx

This installs certbot, certbot module for Nginx host of other packages and dependencies.



This article covers how to secure your Apache webserver with Let's Encrypt SSL certificate. In fact, Let's Encrypt SSL certificates are yet another option for securing your web site with an SSL. Once installed, the system provides automatic renewal of certificates and will encrypt traffic to your web site.



This article covers how to install Certbot, to get let's encrypt certificates. SSL/TLS encryption is an integral part of the network infrastructure. Any web and mail server allows you to enable data encryption.

To begin, you must have a domain name. Its DNS A-record must contain the public address of your server. If the firewall is enabled, open access for HTTP and HTTPS traffic:

$ sudo ufw allow 80
$ sudo ufw allow 443


To Install the "Let's Encrypt" package on Ubuntu:

1. Run the command below to install Let's Encrypt.

$ sudo apt install letsencrypt

2. Check the "certbot.timer" utility for automatic certificate renewal.

$ sudo systemctl status certbot.timer



This article covers how to install certbot client, obtain Let's Encrypt SSL certificate and configured to Nginx to use the certificates. Also, you will learn how to set up a cronjob for automatic certificate renewal.

Let's Encrypt is a Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. 


To Install Certbot on Ubuntu:

1. First, add the repository.

$ sudo add-apt-repository ppa:certbot/certbot

You'll need to press ENTER to accept.

2. Install Certbot's Nginx package with apt:

$ sudo apt install python-certbot-nginx



This article covers how to install certbot client, obtain Let's Encrypt SSL certificate and configured to Nginx to use the certificates. Also you will learn how to set up a cronjob for automatic certificate renewal.


To install the Certbot software on Debian:

1. Update your package list.

$ sudo apt update

2. Next, install the dependencies for the python3-certbot-nginx package, which include the python3-acme, python3-certbot, python3-mock, python3-openssl, python3-pkg-resources, python3-pyparsing, and python3-zope.interface packages.

$ sudo apt install python3-acme python3-certbot python3-mock python3-openssl python3-pkg-resources python3-pyparsing python3-zope.interface

3. Finally, install the python3-certbot-nginx package:

$ sudo apt install python3-certbot-nginx



This article covers how to use the certbot Let’s Encrypt client to obtain a free SSL certificate and use it with Nginx on CentOS 7. 

Let's Encrypt is a new Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. It simplifies the process by providing a software client, Certbot, that attempts to automate most (if not all) of the required steps. 

Currently, the entire process of obtaining and installing a certificate is fully automated on both Apache and Nginx web servers.


To Install the Certbot Let's Encrypt Client:

1. Enable access to the EPEL repository on your server by typing:

$ sudo yum install epel-release

2. Once the repository has been enabled, you can obtain the certbot-nginx package by typing:

$ sudo yum install certbot-nginx


How to Install Nginx on CentOS ?

1. To install Nginx, run the command:

$ sudo yum install nginx

2. Then, start Nginx using systemctl:

$ sudo systemctl start nginx


How to configure firewall on CentOS ?

If you have a firewall enabled, make sure port 80 and 443 are open to incoming traffic.

1. If you have a firewalld firewall running, you can open these ports by typing:

$ sudo firewall-cmd --add-service=http
$ sudo firewall-cmd --add-service=https
$ sudo firewall-cmd --runtime-to-permanent

2. If have an iptables firewall running, the commands you need to run are highly dependent on your current rule set. For a basic rule set, you can add HTTP and HTTPS access by typing:

$ sudo iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT
$ sudo iptables -I INPUT -p tcp -m tcp --dport 443 -j ACCEPT



This article covers how to install Let’s Encrypt SSL on Ubuntu 18.04 by using Certbot. Enabling an encrypted connection to the web server is fundamental because it allows you to use the secure HTTPS protocol for your website. Let's Encrypt, a Certification Authority issues a free certificate completely in line with the required security standards. Let's Encrypt simplifies the process for installing the security certificate to help even the less experienced user secure a website through the use of the Certbot client.


To Install Certbot client on Ubuntu:

1. First, add the Certbot repository:

$ sudo add-apt-repository ppa:certbot/certbot

You'll need to press ENTER to accept.

2. Install Certbot's Apache package with apt:

$ sudo apt install python-certbot-apache



This article covers how to secure Apache with Let's Encrypt SSL on CentOS 7 using Certbot client. Also, you will learn how to set up a cronjob for automatic certificate renewal. Basically, A security certificate is critical for securing traffic sent from web browsers to web servers. Let's Encrypt certificate is a free, open and automated certificate authority that you can use to encrypt your site. The certificate expires after every 90 days and auto-renews at absolutely no cost.


To Install Certbot in CentOS 8.

Certbot is a client that automates the installation of the security certificate. It fetches the certificate from Let's encrypt authority and deploys it on your web server without much of a hassle.

1. Before downloading certbot, first, install packages that are necessary for the configuration of an encrypted connection:

$ sudo dnf install mod_ssl openssl

2. Download certbot using the curl command:

$ sudo curl -O https://dl.eff.org/certbot-auto

3. Next, move the certbot file to the /usr/local/bin directory and assign the execute file permissions:

$ sudo mv certbot-auto /usr/local/bin
$ sudo chmod 755 /usr/local/bin/certbot-auto


To Assign the permissions to the Document root of a domain:

$ sudo chown -R apache:apache /var/www/domain.com

For the changes to come into effect, restart the Apache service:

$ sudo systemctl restart httpd



This article covers how to use certbot client of Let’s Encrypt to obtain SSL certificate for you domain.

To set these up DNS records for your server, you can follow these instructions for adding domains and then these instructions for creating DNS records:

  • An A record with your_domain pointing to your server’s public IP address.
  • An A record with www.your_domain pointing to your server’s public IP address.


To install Certbot as a snap on Debian

You must first have snapd installed on your server. 

snapd is a daemon required to install, use, and manage snaps. 

Installing the snapd package will also install the snap command on your server.

1. To install snapd, update your local package index if you've not done so recently:

$ sudo apt update

2. Then install the snapd package:

$ sudo apt install snapd

After running this command, you'll be prompted to confirm that you want to install snapd and its dependencies.

Do so by pressing Y and then ENTER.

3. Next, use the snap command to install the core snap. This will install some dependencies on your server that are needed for any snap you install, including the Certbot snap:

$ sudo snap install core

4. Then refresh the core snap. Doing so will ensure that you have the latest versions of snapd and its dependencies installed:

$ sudo snap refresh core

Following that, you can install the certbot snap with the following command.

5. Because Certbot must be allowed to edit certain configuration files in order to correctly set up certificates, this command includes the --classic option. This confinement level allows any snaps installed under it the same access to system resources as traditional packages:

$ sudo snap install --classic certbot

6. Create a symbolic link to this file in the /usr/bin/ directory to ensure that you can run the certbot command anywhere on your system:

$ sudo ln -s /snap/bin/certbot /usr/bin/certbot



This article covers steps to install a LEMP stack on a Debian 10 server using MariaDB as the database management system. The LEMP software stack is a group of software that can be used to serve dynamic web pages and web applications. The name "LEMP" is an acronym that describes a Linux operating system, with an (E)Nginx web server. The backend data is stored in a MariaDB database and the dynamic processing is handled by PHP.

Although this software stack typically includes MySQL as the database management system, some Linux distributions — including Debian — use MariaDB as a drop-in replacement for MySQL.


To install Nginx Web Server.

1. Run the apt commands:

$ sudo apt update
$ sudo apt install nginx

On Debian 10, Nginx is configured to start running upon installation.



This article covers method to Secure Apache with Let's Encrypt on Ubuntu 20.04. Let's Encrypt is a certificate authority created by the Internet Security Research Group (ISRG).

It provides free SSL certificates via a fully automated process designed to eliminate manual certificate creation, validation, installation, and renewal.

Certificates issued by Let's Encrypt are valid for 90 days from the issue date and trusted by all major browsers today.


To install Certbot on Ubuntu:

Certbot is a command-line tool that automates the tasks for obtaining and renewing Let’s Encrypt SSL certificates. 

The certbot package is included in the default Ubuntu repositories. 

Update the packages list and install certbot using the following commands:

$ sudo apt update
$ sudo apt install certbot

Before enabling the configuration files, make sure both mod_ssl and mod_headers are enabled by issuing:

$ sudo a2enmod ssl
$ sudo a2enmod headers

Next, enable the SSL configuration files by running the following commands:

$ sudo a2enconf letsencrypt
$ sudo a2enconf ssl-params

Enable the HTTP/2 module, which will make your sites faster and more robust:

$ sudo a2enmod http2

Reload the Apache configuration for changes to take effect:

$ sudo systemctl reload apache2




More Linux Tutorials

We create Linux HowTos and Tutorials for Sys Admins. Visit us on IbmiMedia.com

Also for Tech related tips, Visit forum.outsourcepath.com or General Technical tips on www.outsourcepath.com