In this tutorial, we will show you how to install Certbot on AlmaLinux 8. For those of you who didn’t know, Certbot is a client that fetches the SSL certificate from the Let’s Encrypt authority and automates its installation and configuration. This eliminates the pain and hustle of accomplishing the entire process manually.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of Certbot on an AlmaLinux 8. You can follow the same instructions for CentOS and Rocky Linux.
Prerequisites
- A server running one of the following operating systems: AlmaLinux 8.
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- A
non-root sudo useror access to theroot user. We recommend acting as anon-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Install Certbot on AlmaLinux 8
Step 1. First, let’s start by ensuring your system is up-to-date.
sudo dnf update sudo dnf install epel-release
Step 2. Installing Certbot on AlmaLinux 8.
- Install Certbot for Apache.
Run the following command below to install Certbot for Apache:
sudo dnf install certbot python3-certbot-apache mod_ssl
- Install Certbot for Nginx.
Run the following command below to install Certbot for Nginx:
sudo dnf install certbot python3-certbot-nginx
To verify the Certbot installation run:
certbot --version
Step 3. Installing an SSL Certificate on AlmaLinux.
Once successfully installed, use Certbot to get the SSL certificate. Specify --apache or --nginx depending on your web server. Other options are also available, but these are the two most common. We’ll use Apache in this example:
sudo certbot --apache
During installation, This will generate a set of prompts that you will need to answer. If all goes well, you should receive the following message:
Requesting a certificate for yourdomain.com Performing the following challenges: http-01 challenge for your-domain.com Waiting for verification... Cleaning up challenges Subscribe to the EFF mailing list (email: admin@your-domain.com). IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/your-domain.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/your-domain.com/privkey.pem Your certificate will expire on 2021-08-25. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
Step 4. Configure Firewall.
Now add firewall rules to allow connections as well as HTTP (port 80) and HTTPS (port 443) traffic:
sudo firewall-cmd --permanent --add-port=80/tcp --zone=public sudo firewall-cmd --permanent --add-port=443/tcp --zone=public sudo firewall-cmd --reload
Congratulations! You have successfully installed Certbot. Thanks for using this tutorial for installing Certbot on your AlmaLinux 8 system. For additional help or useful information, we recommend you check the official Certbot website.
