How To Install Let’s Encrypt SSL with LEMP on AlmaLinux 8

Install Free SSL Certificate with LEMP on AlmaLinux 8

In this tutorial, we will show you how to install Let’s Encrypt SSL with LEMP on AlmaLinux 8. For those of you who didn’t know, Let’s Encrypt is the free SSL option for you. Let’s Encrypt can be signed through Certbot, a free, open-source software tool for automatically issuing the SSL Certificate.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of a free SSL certificate with LEMP on an AlmaLinux 8. You can follow the same instructions for CentOS and Rocky Linux.


  • A server running one of the following operating systems: AlmaLinux 8, CentOS, and Rocky Linux 8.
  • It’s recommended that you use a fresh OS install to prevent any potential issues.
  • SSH access to the server (or just open Terminal if you’re on a desktop).
  • A non-root sudo user or access to the root user. We recommend acting as a non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.

Install Let’s Encrypt SSL with LEMP on AlmaLinux 8

Step 1. First, let’s start by ensuring your system is up-to-date.

sudo dnf update
sudo dnf install epel-release mod_ssl

Step 2. Installing a LEMP server.

An AlmaLinux LEMP server is required. If you do not have LEMP installed, you can follow our guide here.

Step 3. Installing Certbot.

Now we install the Certbot client which is used to create Let’s Encrypt certificates:

sudo dnf install certbot python3-certbot-nginx

To verify the Certbot installation run:

certbot --version

Step 4. Installing free SSL Let’s Encrypt on AlmaLinux.

Now we use the Certbot command to issue a Let’s Encrypt certificate. Replace and with your domain name and email :

certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email -d

During installation, This will generate a set of prompts that you will need to answer. If all goes well, you should receive the following message:

Requesting a certificate for
Performing the following challenges:
http-01 challenge for
Waiting for verification...
Cleaning up challenges
Subscribe to the EFF mailing list (email:

 - Congratulations! Your certificate and chain have been saved at:
   Your key file has been saved at:
   Your certificate will expire on 2021-08-25. To obtain a new or
   tweaked version of this certificate in the future, simply run
   certbot again. To non-interactively renew *all* of your
   certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:
   Donating to EFF:          

At this point, when you are finished using Certbot, you can check your SSL certificate status. Type the following link to your web browser:

Install Let's Encrypt SSL with LEMP on AlmaLinux 8

Step 5. Configure Firewall.

Now add firewall rules to allow connections as well as HTTP (port 80) and HTTPS (port 443) traffic:

sudo firewall-cmd --permanent --add-port=80/tcp --zone=public
sudo firewall-cmd --permanent --add-port=443/tcp --zone=public
sudo firewall-cmd --reload

Congratulations! You have successfully installed a free SSL certificate. Thanks for using this tutorial for installing Certbot on your AlmaLinux 8 system. For additional help or useful information, we recommend you check the official Certbot website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!


r00t is a seasoned Linux system administrator with a wealth of experience in the field. Known for his contributions to, r00t has authored numerous tutorials and guides, helping users navigate the complexities of Linux systems. His expertise spans across various Linux distributions, including Ubuntu, CentOS, and Debian. r00t's work is characterized by his ability to simplify complex concepts, making Linux more accessible to users of all skill levels. His dedication to the Linux community and his commitment to sharing knowledge makes him a respected figure in the field.
Back to top button