Install Certbot on nginx with Centos 8
Step 1 — Installing the Certbot Let’s Encrypt Client
To use Let’s Encrypt to obtain an SSL certificate, you first need to install Certbot and mod_ssl
, an Apache module that provides support for SSLv3 encryption.
The certbot
package is not available through the package manager by default. You will need to enable the EPEL repository to install Certbot.
To add the CentOS 8 EPEL repository, run the following command:
sudo dnf install epel-release
Copy
Now that you have access to the repository, install all of the required packages:
sudo dnf install certbot python3-certbot-nginx mod_ssl
Copy
With these services installed, you’re now ready to run Certbot and fetch your certificates.
Step 2 — Obtaining a Certificate
Now that Certbot is installed, you can use it to request an SSL certificate for your domain.
Using the certbot
Let’s Encrypt client to generate the SSL Certificate for nginx automates many of the steps in the process. The client will automatically obtain and install a new SSL certificate that is valid for the domains you provide as parameters.
To execute the interactive installation and obtain a certificate that covers only a single domain, run the certbot
command with:
sudo certbot --nginx-d example.com
Copy
This runs certbot
with the --nginx
plugin and specifies the domain to configure the certificate for with the -d
flag.
If you want to install a single certificate that is valid for multiple domains or subdomains, you can pass them as additional parameters to the command, tagging each new domain or subdomain with the -d
flag. The first domain name in the list of parameters will be the base domain used by Let’s Encrypt to create the certificate. For this reason, pass the base domain name as first in the list, followed by any additional subdomains or aliases:
sudo certbot --nginx -d example.com -d www.example.com
Copy
The base domain in this example is example.com
.
How can I renew Let's Encrypt certificates?
we can use the below command to renew the ssl license
sudo certbot renew