In this tutorial we will show you how to install Let’s Encrypt SSL With Lighttpd on CentOS 7 server. For those of you who didn’t know, LetsEncrypt is a free open certificate authority (CA) that provides free certificates for websites and other services. The service, which is backed by the Electronic Frontier Foundation, Mozilla, Cisco Systems, and Akamai. Unfortunately, LetsEncrypt.org certificates currently have a 3 month lifetime. This means you’ll need to renew your certificate quarterly for now.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo’ to the commands to get root privileges. I will show you through the step by step installation Let’s Encrypt SSL with Lighttpd on a CentOS 7 server.
Install Let’s Encrypt SSL With Lighttpd on CentOS 7
Step 1. First let’s start by ensuring your system is up-to-date.
Step 2. Installing Let’s Encrypt SSL using Certbot.
In CentOS 7, you can find Certbot on the EPEL repository; if you enable it, just install what you need:
You will also need to have Lighttpd installed and running. Of course, if you are adding certificates onto a previously configured web host this would already be installed:
Obtaining a certificate with Certbot:
Combine both certificate and private key in one file.
Lighty likes its certificates formatted in a specific way, so we’re going to combine the private keys and certificate into one file that we’ll tell lighty about later:
Step 3. Configure Lighttpd For Your New Cert.
Configure lighty to use the new certificate and chain:
Use the below information:
Step 4. Force HTTPS requests for Lighttpd.
We can also configure HTTP to HTTPS redirection on Lighttpd server so that the traffic comes to non-HTTPS site redirect to the HTTPS site:
Save and close the file when you are finished.
Step 5. Set Up Let’s Encrypt SSL Auto Renewal.
Let’s Encrypt certificates comes with a validity of 90 days; it is highly advisable to configure the cron (Linux Scheduler) job to renew your certificates before they expire:
If that appears to be working properly, configure a cron job for the below command:
Congratulation’s! You have successfully installed Let’s Encrypt. Thanks for using this tutorial for installing Let’s Encrypt SSL With Lighttpd on CentOS 7 system. For additional help or useful information, we recommend you to check the official Let’s Encrypt web site.