Blog
Posted by
Hariharan Lakshmanan on 05 Dec 2022
Certbot is an open-source command line tool that is used for getting certificates for self-hosted servers that are not already given HTTPS by their providers. Developed by Electronic Frontier Foundation (EFF), Certbot can help switch an existing HTTP website to HTTPS and renew the HTTPS certificate as required.
Certbot can be used with a server, whether on-premise or cloud-based if it meets the following conditions:
This blog briefs the steps required to install and run Certbot for servers that run Ubuntu or Amazon Linux images.
Check if:
Step 1 Ubuntu recommends using snap packages for installation
sudo snap install core; sudo snap refresh core
Step 2 Delete any previous version of Certbot in the system
sudo apt remove certbot
Step 3 Install the Certbot
sudo snap install --classic certbot
Step 4 Link the Certbot command from the snap install directory to your path
sudo ln -s /snap/bin/certbot /usr/bin/certbot
Step 5 Allow 443 port
sudo ufw allow 443
Step 6 Run Certbot to get certificates for different servers
sudo certbot certonly --standalone -d
sudo certbot --apache
sudo certbot --nginx
sudo certbot certonly --webroot
Step 7 Configure the application
sudo ls /etc/letsencrypt/live/your_domain
sudo nano /etc/letsencrypt/renewal/your_domain.conf
renew_hook= systemctl reload
sudo certbot renew -dry-run
Note: Creating an EC2 instance is not in the scope of this document. Please refer to this link.
Step 1
ssh -i [email protected]
Or
Click Connect to login into your instance
sudo wget -r --no-parent -A 'epel-release-*.rpm'
https://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/
Step 2
sudo rpm -Uvh dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/epel-release-*.rpm
Step 3
sudo yum-config-manager --enable epel*
sudo yum repolist all
Step 4 Edit the apache config file/etc/httpd/conf/httpd.conf. Locate the “Listen 80” directive and add the specific domain and subdomain details.
Step 5 Save and restart Apache
sudo systemctl restart httpd
Step 1 Install Amazon extras repo for epel
sudo amazon-linux-extras install epel -y
Step 2 Install Certbot packages and dependencies
sudo yum install -y certbot python2-certbot-apache
Step 3 Run Certbot
sudo certbot
Step 4 Enter the admin email address for Certbot communication
Step 1 Open /etc/crontab
sudo crontab -e
0 7 * * * /usr/bin/certbot renew
https://www.ssllabs.com/ssltest/
References
Share On
Tags
Amazon Linus
AMI
Certbot
How to
Ubuntu
Highlights
Download Blog