Step 1 — Installing the Certbot Let’s Encrypt Client
To use Let’s Encrypt to obtain an SSL certificate, you first need to install Certbot and
mod_ssl, an Apache module that provides support for SSLv3 encryption.
certbot package is not available through the package manager by default. You will need to enable the EPEL repository to install Certbot.
To add the CentOS 8 EPEL repository, run the following command:
sudo dnf install epel-release
Now that you have access to the repository, install all of the required packages:
sudo dnf install certbot python3-certbot-apache mod_ssl
With these services installed, you’re now ready to run Certbot and fetch your certificates.
Step 2 — Obtaining a Certificate
Now that Certbot is installed, you can use it to request an SSL certificate for your domain.
certbot Let’s Encrypt client to generate the SSL Certificate for Apache automates many of the steps in the process. The client will automatically obtain and install a new SSL certificate that is valid for the domains you provide as parameters.
To execute the interactive installation and obtain a certificate that covers only a single domain, run the
certbot command with:
sudo certbot --apache -d example.com
certbot with the
--apache plugin and specifies the domain to configure the certificate for with the
If you want to install a single certificate that is valid for multiple domains or subdomains, you can pass them as additional parameters to the command, tagging each new domain or subdomain with the
-d flag. The first domain name in the list of parameters will be the base domain used by Let’s Encrypt to create the certificate. For this reason, pass the base domain name as first in the list, followed by any additional subdomains or aliases:
sudo certbot --apache -d example.com -d www.example.com
The base domain in this example is