x

Install Certbot on nginx with Centos 8

Step 1 — Installing the Certbot Let’s Encrypt Client

To use Let’s Encrypt to obtain an SSL certificate, you first need to install Certbot and mod_ssl, an Apache module that provides support for SSLv3 encryption.

The certbot package is not available through the package manager by default. You will need to enable the EPEL repository to install Certbot.

To add the CentOS 8 EPEL repository, run the following command:

  • sudo dnf install epel-release

Copy

Now that you have access to the repository, install all of the required packages:

  • sudo dnf install certbot python3-certbot-nginx mod_ssl

Copy

With these services installed, you’re now ready to run Certbot and fetch your certificates.

Step 2 — Obtaining a Certificate

Now that Certbot is installed, you can use it to request an SSL certificate for your domain.

Using the certbot Let’s Encrypt client to generate the SSL Certificate for nginx  automates many of the steps in the process. The client will automatically obtain and install a new SSL certificate that is valid for the domains you provide as parameters.

To execute the interactive installation and obtain a certificate that covers only a single domain, run the certbot command with:

  • sudo certbot --nginx-d example.com

Copy

This runs certbot with the --nginx plugin and specifies the domain to configure the certificate for with the -d flag.

If you want to install a single certificate that is valid for multiple domains or subdomains, you can pass them as additional parameters to the command, tagging each new domain or subdomain with the -d flag. The first domain name in the list of parameters will be the base domain used by Let’s Encrypt to create the certificate. For this reason, pass the base domain name as first in the list, followed by any additional subdomains or aliases:

  • sudo certbot --nginx -d example.com -d www.example.com

Copy

The base domain in this example is example.com.

How can I renew Let's Encrypt certificates?

we can use the below command to renew the ssl license 

sudo certbot renew

Tags