• Home
  • Ubuntu 18.04
    • Whats New?
    • Upgrade Ubuntu
    • Install Java
    • Install Node.js
    • Install Docker
    • Install Git
    • Install LAMP Stack
  • Tutorials
    • AWS
    • Shell Scripting
    • Docker
    • Git
    • MongoDB
  • Funny Tools
  • FeedBack
  • Submit Article
  • About Us
TecAdmin
Menu
  • Home
  • Ubuntu 18.04
    • Whats New?
    • Upgrade Ubuntu
    • Install Java
    • Install Node.js
    • Install Docker
    • Install Git
    • Install LAMP Stack
  • Tutorials
    • AWS
    • Shell Scripting
    • Docker
    • Git
    • MongoDB
  • Funny Tools
  • FeedBack
  • Submit Article
  • About Us

How to Setup Let’s Encrypt SSL with Apache on Fedora

Written by Rahul, Updated on April 15, 2020

Let’s Encrypt is a non-profit Certificate Authority (CA) managed by the Internet Security Research Group. It provides free SSL certificates for your domains to secure data on the transport layer. This tutorial will help you to install and secure Apache with Let’s encrypt on Fedora system.

Prerequisites

  • Running Fedora system with shell access
  • A domain/sub domain pointed to server IP address via public DNS server. For this tutorial, we use webhost.tecadmin.net.

Step 1 – Install Apache

First of all, Install the Apache web server on your Fedora system. The default package repositories contains Apache packages. You can directly install them using the following command:

sudo dnf install httpd httpd-tools mod_ssl
  • How to Install LAMP on Fedora

Step 2 – Create VirtualHost in Apache

For this tutorial, I have created a index.html file under the default document root. Similarly, you can place your application under the document root of your domain.

sudo echo "<h2>Welcome to Secure TecAdmin.net</h2>" > /var/www/html/index.html

After that, create a VirtualHost configuration file binding with port 80.

sudo vim /etc/httpd/conf.d/webhost.tecadmin.net.conf

1
2
3
4
5
6
7
8
<VirtualHost *:80>
    ServerAdmin admin@example.com
    ServerName webhost.tecadmin.net
    DocumentRoot /var/www/html
    <Directory /var/www/html>
        Allowoverride all
    </Directory>
</VirtualHost>

Save and close the configuration file. Then restart Apache service to reload the configuration file.

sudo systemctl restart httpd.service

Step 3 – Setup Let’s Encrypt (Certbot) Client

The Certbot ACME is a client application recommended by the Let’s Encrypt for systems with shell access. It provides hassle-free automation of the certificate issuance, installation, and renewal.

You can download the certbot-auto script from the official download page and put it under /usr/sbin directory. Use the following command to do it.

sudo wget https://dl.eff.org/certbot-auto -O /usr/sbin/certbot-auto
sudo chmod a+x /usr/sbin/certbot-auto

You also need to installed all dependency for the certbot to make it work. The below command will install it dependencies on your system.

sudo certbot-auto --os-packages-only

Step 4 – Create Let’s Encrypt Certificate

Now, you can request Lets encrypt to issue a SSL certificate for you domain. You need to run the certbot-auto command for Apache server as following:

sudo certbot-auto --apache

This will list all the virtual hosts configured with Apache on current server. Select the appropriate number with the comma separated. See below screenshot:

Lets Encrypt Apache on Fedora

The Let’s encrypt will start the verification process for your domain. Make sure the domain you selected is pointed to this server via the public DNS server.

On successful verification, SSL will be issued for your domain. A separate SSL VirtualHost configuration file will be created for your domain.

Please choose whether or not to redirect HTTP traffic to HTTPS:

  • 1: No redirect – Make no further changes to the webserver configuration.
  • 2: Redirect – Make all requests redirect to secure HTTPS access.

Free Lets Encrypt ssl on Fedora

Enter a number of your choice and press enter. You can also change it latest by directly editing configuration files.

Once the SSL configuration completed successfully, you will see a congratulations message on your screen.

Lets Encrypt on Fedora

Step 5 – Verify Certificate

The Let’s Encrypt SSL has been successfully configured for your domain. This certificate is issued for 3 months only, You can renew it before expiration.

Let’s check the certificate by accessing your site in a web browser.

Let's encrypt Apache

Conclusion

You have successfully secured your website with free Let’s Encrypt SSL certificate. Follow our next tutorial to setup Let’s Encrypt Auto SSL renewal with crontab. The Fedora systems will have default TLS 1.2 and TLS 1.3 enabled.

Share it!
Share on Facebook
Share on Twitter
Share on LinkedIn
Share on Reddit
Share on Tumblr
Share on Whatsapp
Rahul
Rahul
Connect on Facebook Connect on Twitter

I, Rahul Kumar am the founder and chief editor of TecAdmin.net. I am a Red Hat Certified Engineer (RHCE) and working as an IT professional since 2009..

Leave a Reply Cancel reply

Popular Posts

  • How To Install Python 3.9 on Ubuntu 20.04 5
  • How to Install Python 3.9 on CentOS/RHEL 7 & Fedora 32/31 0
  • How To Install VNC Server on Ubuntu 20.04 1
  • How To Install NVM on macOS with Homebrew 0
  • How to Install .NET Core on Debian 10 0
© 2013-2020 Tecadmin.net. All Rights Reserved | Terms  | Privacy Policy