What is Let’s Encrypt, https://letsencrypt.org
Let’s Encrypt is a free, automated, and non-profit certificate authority brought to you by the nonprofit Internet Security Research Group (ISRG) that provides X.509 certificates for Transport Layer Security encryption at no charge.
The expiration date of a cert is 90 days, so you must renew within next 90 days later.
In this article, i will show basic step by step on how to Get and Deploy Free SSL Certificates from Let’s Encrypt
First, we need to install Certbot Client which is the tool to get certificates from Let’s Encrypt.
# yum --enablerepo=epel -y install certbot
# for the option [–webroot], use a directory under the webroot on your server as a working temp
# -w [document root] -d [FQDN you’d like to get certs]
# FQDN (Fully Qualified Domain Name) : linodelinux.lab
# if you’d like to get certs for more than 2 FQDNs, specify all like below
# ex : if get [linodelinux.lab] and [www.linodelinux.lab]
# ⇒ specify [-d linodelinux.lab -d www.linodelinux.lab]
# certbot certonly --webroot -w /var/www/html/linodelinux.lab -d linodelinux.lab
# certbot certonly --webroot -w /var/www/html/linodelinux.lab -d linodelinux.lab Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator webroot, Installer None Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org Requesting a certificate for linodelinux.lab Performing the following challenges: http-01 challenge for linodelinux.lab Using the webroot path /var/www/html/linodelinux.lab for all unmatched domains. Waiting for verification... Cleaning up challenges IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/linodelinux.lab/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/linodelinux.lab/privkey.pem Your certificate will expire on 2021-11-26. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le