Populate /etc/acme-client.conf and replace example.com with your domain
authority letsencrypt {
api url "https://acme-v01.api.letsencrypt.org/directory"
account key "/etc/acme/letsencrypt-privkey.pem"
}
authority letsencrypt-staging {
api url "https://acme-staging.api.letsencrypt.org/directory"
account key "/etc/acme/letsencrypt-staging-privkey.pem"
}
domain example.com {
alternative names { example.com }
domain key "/etc/ssl/private/example.com.key"
domain certificate "/etc/ssl/example.com.crt"
domain full chain certificate "/etc/ssl/example.com.pem"
sign with letsencrypt
}
Create directories
mkdir -p -m 700 /etc/acme
mkdir -p -m 700 /etc/ssl/acme/private
mkdir -p -m 755 /var/www/acme
Populate /etc/httpd.conf
server "example.com" {
listen on * port 80
root "/htdocs/example.com"
location "/.well-known/acme-challenge/*" {
root { "/acme", strip 2 }
}
}
Check the configuration and restart httpd
httpd -n
When everything looks ok, restart httpd
rcctl restart httpd
Run the acme-client
acme-client -vAD example.com
Now enable HTTPS and restart httpd
Populate /etc/httpd.conf and add a new server section for HTTPS
server "example.com" {
listen on * tls port 443
root "/htdocs/example.com"
tls {
certificate "/etc/ssl/example.com.pem"
key "/etc/ssl/private/example.com.key"
}
location "/.well-known/acme-challenge/*" {
root { "/acme", strip 2 }
}
}
Check the configuration and restart httpd
httpd -n
and
rcctl restart httpd
Now you should reach your website over HTTPS
Top comments (0)