Certbot SSL on Redhat and CentOS

To install Certbot on Red Hat and configure it, follow the steps below:

1. Enable EPEL repository:

   Certbot is not available in the standard Red Hat repositories, so you need to enable the Extra Packages for Enterprise Linux (EPEL) repository by running the following command:

   sudo yum install epel-release

2. Install Certbot:

   Once the EPEL repository is enabled, you can install Certbot by running the following command:

   sudo yum install certbot

3. Obtain a SSL/TLS certificate:

To obtain a SSL/TLS certificate from Let's Encrypt, run the following command:

   sudo certbot certonly --standalone --email your-email-address --agree-tos -d your-domain-name

This command will launch a standalone web server on port 80 and authenticate your domain ownership with Let's Encrypt. After successful authentication, Certbot will generate a SSL/TLS certificate for your domain and store it in the following directory: /etc/letsencrypt/live/your-domain-name/.

4. Configure your web server:

Once you have obtained the SSL/TLS certificate, you need to configure your web server to use it. The specific steps depend on your web server software and configuration. Here are some general guidelines:

For Apache: 

     Edit the Apache virtual host configuration file for your domain and add the following lines:

     SSLCertificateFile /etc/letsencrypt/live/your-domain-name/fullchain.pem

     SSLCertificateKeyFile /etc/letsencrypt/live/your-domain-name/privkey.pem

     SSLCertificateChainFile /etc/letsencrypt/live/your-domain-name/chain.pem

Then, restart Apache to apply the changes:

     sudo systemctl restart httpd

For Nginx:

     Edit the Nginx virtual host configuration file for your domain and add the following lines:

     ssl_certificate /etc/letsencrypt/live/your-domain-name/fullchain.pem;

     ssl_certificate_key /etc/letsencrypt/live/your-domain-name/privkey.pem;

Then, reload Nginx to apply the changes:

     sudo systemctl reload nginx

That's it! Your website should now be accessible over HTTPS using the SSL/TLS certificate obtained from Let's Encrypt.

To delete an SSL certificate with Certbot on CentOS, you can use the following command:

Replace `example.com` with the domain name of the certificate you want to delete.

sudo certbot delete --cert-name example.com

To reinstall the SSL certificate, you will need to obtain a new certificate using Certbot. You can use the following command to obtain a new certificate for your domain:

sudo certbot certonly --webroot -w /var/www/html -d example.com -d www.example.com

Replace `example.com` and `www.example.com` with your actual domain names. The `-w` option specifies the webroot directory where your website files are located.

Once you have obtained the new certificate, you can configure your web server to use it. The specific steps for configuring your web server will depend on the web server software you are using (e.g. Apache, Nginx). Here is an example for configuring Apache:

1. Open the Apache configuration file for your domain:

sudo nano /etc/httpd/conf.d/example.com.conf

2. Add the following lines to the configuration file to specify the SSL certificate and key file:

SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem

SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem

Replace `example.com` with your actual domain name.

3. Save and close the file.

4. Restart the Apache service:

sudo systemctl restart httpd

After completing these steps, your web server should be configured to use the new SSL certificate. You can test the configuration by accessing your website using HTTPS and verifying that the SSL certificate is valid.

More : How To Install SSL On Debian ( Ubuntu )