Christian WellsIn this comprehensive guide, we will walk you through the process of installing Let’s Encrypt SSL with LAMP Stack on AlmaLinux 9. Let’s Encrypt is a non-profit certificate authority that provides free X.509 certificates for Transport Layer Security (TLS) encryption. By following the steps outlined in this article, you will be able to secure your website with a trusted SSL certificate and ensure a secure connection between your server and the user’s browser.
Prerequisites
Before we begin, there are a few prerequisites that need to be met:
- A system with AlmaLinux 9 installed and running.
- Root access to the system.
- LAMP Stack (Apache, MariaDB, and PHP) installed and running.
If you haven’t already fulfilled these requirements, please refer to the official AlmaLinux 9 documentation and our guide on installing the LAMP Stack for detailed instructions.
Installing Let’s Encrypt SSL
To install Let’s Encrypt SSL on AlmaLinux 9, we will be using the Snap package manager. Snap is a universal package manager that simplifies the installation and management of software packages.
Step 1: Install Snap
First, we need to install Snap on our system. Open the terminal and run the following command:
dnf install snapd
Step 2: Update Snap
After installing Snap, we need to update it to ensure that we have the latest version. Run the following commands to update Snap:
snap install core snap refresh core
Step 3: Enable Snap
Next, we need to start and enable Snap upon system boot. Run the following commands to achieve this:
systemctl start snapd.socket systemctl enable snapd.socket
To check the status of the Snap service, you can run the following command:
systemctl status snapd.socket
Step 4: Configure Apache vHost
Now, we need to configure Apache to serve our website over HTTPS. Create a new Apache configuration file for your domain by running the following command:
nano /etc/httpd/conf.d/blog.domainhere.info.conf
Replace “blog.domainhere.info” with your actual domain name.
In the newly created configuration file, add the following code:
<VirtualHost *:80>
ServerName blog.domainhere.info
ServerAlias blog.domainhere.info
DocumentRoot /var/www/html
<Directory /var/www/html/>
Options -Indexes +FollowSymLinks
AllowOverride All
</Directory>
ErrorLog /var/log/httpd/blog.domainhere.info-error.log
CustomLog /var/log/httpd/blog.domainhere.info-access.log combined
</VirtualHost>
Save and exit the file.
Next, restart Apache to apply the changes:
systemctl restart httpd
To verify that Apache is running without any errors, you can check its status:
systemctl status httpd
Step 5: Enable Firewall
To allow incoming traffic on ports 80 (HTTP) and 443 (HTTPS), we need to enable the firewall rules. Run the following commands to enable HTTP and HTTPS services in the firewall:
firewall-cmd --permanent --add-service=http firewall-cmd --permanent --add-service=https firewall-cmd --reload
With the firewall rules in place, your server will be accessible over HTTP and HTTPS.
Step 6: Generate Let’s Encrypt SSL
Now, it’s time to generate the Let’s Encrypt SSL certificate for your domain. We will be using Certbot, a command-line tool provided by Let’s Encrypt.
To install Certbot using Snap, run the following command:
snap install --classic certbot
Once Certbot is installed, create a symbolic link for easy access to the Certbot command:
ln -s /snap/bin/certbot /usr/bin/certbot
With Certbot installed, we can now generate the Let’s Encrypt SSL certificate. Run the following command:
certbot --apache
Certbot will guide you through the process of generating the SSL certificate. Simply follow the prompts and provide the necessary information when prompted.
After a successful certificate generation, Certbot will save the certificate files in the following locations:
- Certificate:
/etc/letsencrypt/live/blog.domainhere.info/fullchain.pem - Private Key:
/etc/letsencrypt/live/blog.domainhere.info/privkey.pem
Certbot will also set up a scheduled task to automatically renew the certificate when it nears expiration.
Step 7: Verify SSL Installation
To verify that the Let’s Encrypt SSL certificate is installed correctly, open your browser and navigate to your website using the HTTPS protocol:
https://blog.domainhere.info
You should see a lock icon in the address bar, indicating that your connection is secure and encrypted.
Congratulations! You have successfully installed Let’s Encrypt SSL with LAMP Stack on AlmaLinux 9. Your website is now protected with a trusted SSL certificate, providing secure communication between your server and your users.
Conclusion
In this article, we have learned how to install Let’s Encrypt SSL with LAMP Stack on AlmaLinux 9. By following the step-by-step instructions, you can secure your website and ensure a safe and encrypted connection for your users. Remember to keep your SSL certificate up to date by periodically renewing it.
If you are looking for reliable cloud hosting solutions, consider Shape.host. Shape.host offers Cloud VPS services with top-notch security and performance. Visit Shape.host today to explore their hosting plans and empower your business with efficient and scalable cloud hosting solutions.
