How can you get a free ssl certificate for your site?

in linux •  11 months ago

Do you have a blog or site and want to get an SSL certificate for your site?
You found out that it's important for Google to have an SSL certificate on your site to count on Google results!


I'll show you how I did for my blog

We found last year the project "Let's Encrypt"

It is a project supported by several corporations. The list below !

I have followed the explained steps for shell access because I have my own blog server, and I think it's the easiest way.
More information and explanations here

Even their recommendation is to use the shell access path, since you choose this path you are redirected to another site where you download an application
In the above link I have already selected Apache with Centos 7.
Go to your server in the shell and write.

yum install certbot-apache

It installs what you need to put the SSL certificate.

Next step

certbot --authenticator webroot --installer apache

And that's it, you'll get a 3-month free certificate.
For renewal you only have to do the next step:

certbot renew --dry-run

Case 2 now

Let's say you have multiple sites on your server and you only want a SSL certificate for a site.
Step 1: ( real example )
Execute the command:

certbot certonly --webroot -w /var/www/html/ -d
Suppose we already installed certbot ( yum -y install certbot ) For the above case we want to for an ssl certificate for the domain. The result after I run certbot:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1):
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for
Using the webroot path /var/www/html/ for all unmatched domains.
Waiting for verification...
Cleaning up challenges


  • Congratulations! Your certificate and chain have been saved at:
    Your key file has been saved at:
    Your cert will expire on 2018-04-28. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot
    again. To non-interactively renew all of your certificates, run
    "certbot renew"

  • If you like Certbot, please consider supporting our work by:

    Donating to ISRG / Let's Encrypt:
    Donating to EFF:

Now we need to edit the configuration file in VHOST.
vim /etc/httpd/conf.d/VHOSTS-le-ssl.conf

<  IfModule mod_ssl.c  >
        <Directory /var/www/html/>
                Order deny,allow
                Allow from all
                DirectoryIndex index.html
                Options +Indexes
        ServerPath /
        DocumentRoot /var/www/html/
        CustomLog /var/log/httpd/isstk_access.log common
        ErrorLog /var/log/httpd/isstk_error.log
SSLCertificateFile /etc/letsencrypt/live/
SSLCertificateKeyFile /etc/letsencrypt/live/
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/

<  /IfModule  >
After that, we restart the apache server.
systemctl restart httpd
You can see the result here:

After the expiration of the certificate, we only have this step.

certbot renew

Enjoy and happy new day !


Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

This post has received a 1.25 % upvote from @boomerang thanks to: @luciancovaci


Well done! This post has received a 100.00 % upvote from @litasio thanks to: @luciancovaci. Whoop!

If you would like to delegate to the @LitasIO you can do so by clicking on the following link: 10SP