×

This article covers how you can configure an Nginx server block and secure your web server using Let's Encrypt SSL. In fact, Let’s Encrypt SSL certificate is a digital certificate provided by Let’s Encrypt CA ( Certificate Authority) to secure a web server.


How to Install Certbot on your RHEL-based distros / Linux system ?

1. First, install the EPEL repository which provides additional and high-quality packages for RHEL-based distros:

$ sudo dnf install -y epel-release

2. Once installed, install certbot and certbot module for Nginx:

$ sudo dnf install certbot python3-certbot-nginx

This installs certbot, certbot module for Nginx host of other packages and dependencies.



This article covers how to secure your Apache webserver with Let's Encrypt SSL certificate. In fact, Let's Encrypt SSL certificates are yet another option for securing your web site with an SSL. Once installed, the system provides automatic renewal of certificates and will encrypt traffic to your web site.



This article covers a detailed review of the leading SSL certificate provision services in the market. Many SSL certificate providers offer brilliant security and privacy-related services but at a hefty cost. However, in this article, we discuss the SSL certificate providers that offer their World Wide Web protection services either for free or offer free trials so that users can acquaint themselves with the services to make the best decisions for their products, or their organizations. Let's Encrypt and SSL For Free offer free SSL certification for all, whereas Comodo, Cloudfare, HubSpot, GeoTrust, and GoDaddy offer free trials varying between the free trial periods ranging from 14 days for up to 30 days.

Website security is a top concern for site owners and visitors alike. If your site isn't secure, people won’t feel safe browsing, purchasing, making clicks, or entering any information on your pages.



This article covers how to install Certbot, to get let's encrypt certificates. SSL/TLS encryption is an integral part of the network infrastructure. Any web and mail server allows you to enable data encryption.

To begin, you must have a domain name. Its DNS A-record must contain the public address of your server. If the firewall is enabled, open access for HTTP and HTTPS traffic:

$ sudo ufw allow 80
$ sudo ufw allow 443


To Install the "Let's Encrypt" package on Ubuntu:

1. Run the command below to install Let's Encrypt.

$ sudo apt install letsencrypt

2. Check the "certbot.timer" utility for automatic certificate renewal.

$ sudo systemctl status certbot.timer



This article covers how to install certbot client, obtain Let's Encrypt SSL certificate and configured to Nginx to use the certificates. Also, you will learn how to set up a cronjob for automatic certificate renewal.

Let's Encrypt is a Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. 


To Install Certbot on Ubuntu:

1. First, add the repository.

$ sudo add-apt-repository ppa:certbot/certbot

You'll need to press ENTER to accept.

2. Install Certbot's Nginx package with apt:

$ sudo apt install python-certbot-nginx



This article covers how to install certbot client, obtain Let's Encrypt SSL certificate and configured to Nginx to use the certificates. Also you will learn how to set up a cronjob for automatic certificate renewal.


To install the Certbot software on Debian:

1. Update your package list.

$ sudo apt update

2. Next, install the dependencies for the python3-certbot-nginx package, which include the python3-acme, python3-certbot, python3-mock, python3-openssl, python3-pkg-resources, python3-pyparsing, and python3-zope.interface packages.

$ sudo apt install python3-acme python3-certbot python3-mock python3-openssl python3-pkg-resources python3-pyparsing python3-zope.interface

3. Finally, install the python3-certbot-nginx package:

$ sudo apt install python3-certbot-nginx



This article covers how to create an Nginx server blocks to host multiple website on a single Debian machine. Nginx is a very popular high-performance web server that combines the power of reverse proxying, load balancing, caching and so much more. Depending on how it is configured, it can act as a reverse proxy as well as a load balancer for HTTP/HTTPS servers.


To install Nginx on Debian:

1. Update the Debian 10 Package Repository.

$  sudo apt update -y

2. Install Nginx on Debian 10.

$ sudo apt install nginx -y

3. To check the status of Nginx, execute:

$ systemctl status nginx



This article covers how to use the certbot Let’s Encrypt client to obtain a free SSL certificate and use it with Nginx on CentOS 7. 

Let's Encrypt is a new Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. It simplifies the process by providing a software client, Certbot, that attempts to automate most (if not all) of the required steps. 

Currently, the entire process of obtaining and installing a certificate is fully automated on both Apache and Nginx web servers.


To Install the Certbot Let's Encrypt Client:

1. Enable access to the EPEL repository on your server by typing:

$ sudo yum install epel-release

2. Once the repository has been enabled, you can obtain the certbot-nginx package by typing:

$ sudo yum install certbot-nginx


How to Install Nginx on CentOS ?

1. To install Nginx, run the command:

$ sudo yum install nginx

2. Then, start Nginx using systemctl:

$ sudo systemctl start nginx


How to configure firewall on CentOS ?

If you have a firewall enabled, make sure port 80 and 443 are open to incoming traffic.

1. If you have a firewalld firewall running, you can open these ports by typing:

$ sudo firewall-cmd --add-service=http
$ sudo firewall-cmd --add-service=https
$ sudo firewall-cmd --runtime-to-permanent

2. If have an iptables firewall running, the commands you need to run are highly dependent on your current rule set. For a basic rule set, you can add HTTP and HTTPS access by typing:

$ sudo iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT
$ sudo iptables -I INPUT -p tcp -m tcp --dport 443 -j ACCEPT



This article covers how to install Let’s Encrypt SSL on Ubuntu 18.04 by using Certbot. Enabling an encrypted connection to the web server is fundamental because it allows you to use the secure HTTPS protocol for your website. Let's Encrypt, a Certification Authority issues a free certificate completely in line with the required security standards. Let's Encrypt simplifies the process for installing the security certificate to help even the less experienced user secure a website through the use of the Certbot client.


To Install Certbot client on Ubuntu:

1. First, add the Certbot repository:

$ sudo add-apt-repository ppa:certbot/certbot

You'll need to press ENTER to accept.

2. Install Certbot's Apache package with apt:

$ sudo apt install python-certbot-apache



This article covers how to secure Apache with Let's Encrypt SSL on CentOS 7 using Certbot client. Also, you will learn how to set up a cronjob for automatic certificate renewal. Basically, A security certificate is critical for securing traffic sent from web browsers to web servers. Let's Encrypt certificate is a free, open and automated certificate authority that you can use to encrypt your site. The certificate expires after every 90 days and auto-renews at absolutely no cost.


To Install Certbot in CentOS 8.

Certbot is a client that automates the installation of the security certificate. It fetches the certificate from Let's encrypt authority and deploys it on your web server without much of a hassle.

1. Before downloading certbot, first, install packages that are necessary for the configuration of an encrypted connection:

$ sudo dnf install mod_ssl openssl

2. Download certbot using the curl command:

$ sudo curl -O https://dl.eff.org/certbot-auto

3. Next, move the certbot file to the /usr/local/bin directory and assign the execute file permissions:

$ sudo mv certbot-auto /usr/local/bin
$ sudo chmod 755 /usr/local/bin/certbot-auto


To Assign the permissions to the Document root of a domain:

$ sudo chown -R apache:apache /var/www/domain.com

For the changes to come into effect, restart the Apache service:

$ sudo systemctl restart httpd



This article covers how to use certbot client of Let’s Encrypt to obtain SSL certificate for you domain.

To set these up DNS records for your server, you can follow these instructions for adding domains and then these instructions for creating DNS records:

  • An A record with your_domain pointing to your server’s public IP address.
  • An A record with www.your_domain pointing to your server’s public IP address.


To install Certbot as a snap on Debian

You must first have snapd installed on your server. 

snapd is a daemon required to install, use, and manage snaps. 

Installing the snapd package will also install the snap command on your server.

1. To install snapd, update your local package index if you've not done so recently:

$ sudo apt update

2. Then install the snapd package:

$ sudo apt install snapd

After running this command, you'll be prompted to confirm that you want to install snapd and its dependencies.

Do so by pressing Y and then ENTER.

3. Next, use the snap command to install the core snap. This will install some dependencies on your server that are needed for any snap you install, including the Certbot snap:

$ sudo snap install core

4. Then refresh the core snap. Doing so will ensure that you have the latest versions of snapd and its dependencies installed:

$ sudo snap refresh core

Following that, you can install the certbot snap with the following command.

5. Because Certbot must be allowed to edit certain configuration files in order to correctly set up certificates, this command includes the --classic option. This confinement level allows any snaps installed under it the same access to system resources as traditional packages:

$ sudo snap install --classic certbot

6. Create a symbolic link to this file in the /usr/bin/ directory to ensure that you can run the certbot command anywhere on your system:

$ sudo ln -s /snap/bin/certbot /usr/bin/certbot



This article covers method to Secure Apache with Let's Encrypt on Ubuntu 20.04. Let's Encrypt is a certificate authority created by the Internet Security Research Group (ISRG).

It provides free SSL certificates via a fully automated process designed to eliminate manual certificate creation, validation, installation, and renewal.

Certificates issued by Let's Encrypt are valid for 90 days from the issue date and trusted by all major browsers today.


To install Certbot on Ubuntu:

Certbot is a command-line tool that automates the tasks for obtaining and renewing Let’s Encrypt SSL certificates. 

The certbot package is included in the default Ubuntu repositories. 

Update the packages list and install certbot using the following commands:

$ sudo apt update
$ sudo apt install certbot

Before enabling the configuration files, make sure both mod_ssl and mod_headers are enabled by issuing:

$ sudo a2enmod ssl
$ sudo a2enmod headers

Next, enable the SSL configuration files by running the following commands:

$ sudo a2enconf letsencrypt
$ sudo a2enconf ssl-params

Enable the HTTP/2 module, which will make your sites faster and more robust:

$ sudo a2enmod http2

Reload the Apache configuration for changes to take effect:

$ sudo systemctl reload apache2




More Linux Tutorials

We create Linux HowTos and Tutorials for Sys Admins. Visit us on IbmiMedia.com

Also for Tech related tips, Visit forum.outsourcepath.com or General Technical tips on www.outsourcepath.com