Christian WellsIn this comprehensive guide, we will walk you through the process of installing Let’s Encrypt SSL on Rocky Linux 9. Let’s Encrypt is a well-known non-profit certificate authority that provides free X.509 certificates for Transport Layer Security encryption. By following these steps, you will be able to secure your website with a trusted SSL certificate, ensuring the privacy and security of your visitors’ data.
Step 1: Install snapd
First, we need to install the snapd tool, which will allow us to install and manage snaps. Snaps are self-contained software packages that include all the dependencies needed to run an application.
To install snapd, open a terminal and run the following command:
dnf install snapd
Once snapd is installed, update the Snap with the following commands:
snap install core snap refresh core
Next, start and enable the Snap upon boot by running the following commands:
systemctl start snapd.socket systemctl enable snapd.socket
To enable classic snap support, create a symbolic link from /var/lib/snapd/snap to /snap with the following command:
ln -s /var/lib/snapd/snap/snap
Step 2: Install Certbot using Snap
Certbot is a popular tool for obtaining and renewing SSL certificates. We will install Certbot using the Snap package.
To install Certbot, ensure that you have Snap installed by running the following command:
snap install --classic certbot
Create a symbolic link to make the certbot command accessible system-wide:
ln -s /snap/bin/certbot /usr/bin/certbot
Step 3: Configure Apache vHost
Now, let’s configure Apache to serve our website over HTTPS. Create a new Apache configuration file for your domain by running the following command:
nano /etc/httpd/conf.d/blog.domainhere.info.conf
In the file, add the following configuration:
<VirtualHost *:80>
ServerName blog.domainhere.info
ServerAlias blog.domainhere.info
DocumentRoot /var/www/html
<Directory /var/www/html/>
Options -Indexes +FollowSymLinks
AllowOverride All
</Directory>
ErrorLog /var/log/httpd/blog.domainhere.info-error.log
CustomLog /var/log/httpd/blog.domainhere.info-access.log combined
</VirtualHost>
Make sure to replace blog.domainhere.info with your actual domain name. Save the file and exit the editor.
Restart Apache to apply the changes:
systemctl restart httpd
Step 4: Enable Firewall
To ensure that our web server is accessible over HTTP and HTTPS, we need to enable the necessary firewall rules.
Run the following commands to enable HTTP and HTTPS services in the firewall:
firewall-cmd --permanent --add-service=http firewall-cmd --permanent --add-service=https firewall-cmd --reload
Step 5: Generate Let’s Encrypt SSL
Now it’s time to generate the Let’s Encrypt SSL certificate for your domain. Run the following command:
certbot --apache
You will be prompted to enter your email address and agree to the Terms of Service. Follow the instructions to complete the certificate generation process.
Once the certificate is successfully issued, Certbot will save the certificate and key files in the appropriate directories. The certificate will be valid until its expiration date, which is typically 90 days.
Certbot also sets up a scheduled task to automatically renew the certificate in the background, ensuring that your website remains secure.
Step 6: Verify SSL Installation
To verify that the SSL certificate is installed correctly, open your web browser and navigate to your website using the HTTPS protocol. For example, https://your.domainname.com.
You should see a lock icon in the browser’s address bar, indicating that the connection between the browser and the server is encrypted and secure.
Congratulations! You have successfully installed Let’s Encrypt SSL with LAMP Stack on Rocky Linux 9. Your website is now secured with a trusted SSL certificate.
If you found this guide helpful, please consider supporting the Let’s Encrypt project and the Electronic Frontier Foundation (EFF), which develops Certbot. You can donate to ISRG/Let’s Encrypt here and to EFF here.
Conclusion
Securing your website with an SSL certificate is crucial for protecting your users’ sensitive data. Let’s Encrypt provides a convenient and free solution for obtaining SSL certificates.
By following the steps outlined in this guide, you have successfully installed Let’s Encrypt SSL on Rocky Linux 9 with LAMP Stack. Your website is now encrypted and accessible over HTTPS.
Remember to regularly renew your SSL certificate to ensure continuous protection. If you encounter any issues during the installation process or need further assistance, feel free to reach out to our 24×7 in-house customer support at Shape.host.
Shape.host provides reliable and scalable Linux SSD VPS hosting services, ensuring the performance and security of your website. Visit our website to explore our latest offers and find the perfect hosting solution for your business.
