To secure Apache with Let’s Encrypt certificates on RHEL 8/9, you can use the Certbot tool. Here are the general steps to follow:
- Install Certbot by running the following command:
sudo dnf install certbot-apache
- Obtain a certificate by running the following command:
sudo certbot --apache -d example.com -d www.example.com
- Configure Apache to use the newly obtained certificate by editing the Apache configuration file, typically located in /etc/httpd/conf.d/ssl.conf and adding the following lines:
SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
- Restart the Apache service:
sudo systemctl restart httpd
- Once you have completed these steps, your Apache server should now be configured to use a Let’s Encrypt certificate.
- Finally, You should set up a cron job or systemd timer to automatically renew the certificate before they expire. You can use this command to renew the certificate automatically:
sudo certbot renew --quiet --no-self-upgrade
Note: These are just general steps, for more detailed and accurate steps please refer to the official documentation of Let’s Encrypt and Apache.