created: 20190620085907644
creator: vplesnila
modified: 20220101134215781
modifier: vplesnila
tags: [[Apache HTTPD]]
title: certbot - Let's Encrypt - Free SSL/TLS Certificates
type: text/vnd.tiddlywiki

!! certbot installation

```
pip3 install certbot
```


!! Virtual host Apache configuration

```
<VirtualHost *:80>
    ServerName notes.databasepro.fr
    DocumentRoot "/data/wwwroot/notes.databasepro.fr/public/"
    <Directory "/data/wwwroot/notes.databasepro.fr/public/">
                Options Indexes FollowSymLinks
                AllowOverride All
                Require all granted
     </Directory>
</VirtualHost>
```


!! Generate a signed certificate and a private key from Let's Encrypt
```
certbot certonly --webroot --webroot-path /data/wwwroot/notes.databasepro.fr/public -d notes.databasepro.fr
```
Generated files:

* Certificate: `/etc/letsencrypt/live/notes.databasepro.fr/fullchain.pem`
* Key: `/etc/letsencrypt/live/notes.databasepro.fr/privkey.pem`


!! Add HTTPS config to Virtual host Apache configuration

```
<VirtualHost *:443>
    ServerName notes.databasepro.fr
    DocumentRoot "/data/wwwroot/notes.databasepro.fr/public/"
    <Directory "/data/wwwroot/notes.databasepro.fr/public/">
                Options Indexes FollowSymLinks
                AllowOverride All
                Require all granted
    </Directory>
    AllowEncodedSlashes on
    SSLEngine on
    SSLCertificateFile "/etc/letsencrypt/live/notes.databasepro.fr/fullchain.pem"
    SSLCertificateKeyFile "/etc/letsencrypt/live/notes.databasepro.fr/privkey.pem"
</VirtualHost>
```

!! Restart apache

```
systemctl restart httpd
```

!! Renew all certificates

```
certbot renew
```

!! Remove a certificate

```
certbot delete --cert-name code.databasepro.fr
```