DTT

How to set up Lets Encrypt on CentOS 7

Published: December 1, 2025 (Updated: Dec 1, 2025)

Enjoying this content? Subscribe to the Channel!

Secure Your Website for Free! How to Install Let’s Encrypt SSL on CentOS and Apache

Introduction: Why HTTPS is Non-Negotiable

Welcome to Darren’s Tech Tutorials! If you run a website in today’s digital landscape, securing it with HTTPS isn’t optional—it’s essential. Not only does HTTPS encrypt the connection between your server and your users (protecting sensitive data), but major search engines like Google also prioritize secure sites, helping your SEO ranking!

The great news? You don’t have to pay a fortune for an SSL certificate. We’re going to use Let’s Encrypt, a fantastic, free, open-source project that makes securing your CentOS server running Apache incredibly simple.

By the end of this guide, your site will be fully encrypted and sporting that reassuring padlock icon!

Prerequisites for Success

Before we dive in, ensure you meet the following requirements. If you haven’t completed these steps yet, check out my video library for full tutorials (links are available in the video description):

  1. CentOS: You must have CentOS installed and running.
  2. Apache: Apache must be installed and active on your server.
  3. Virtual Hosts (Recommended): If you are hosting multiple sites, it is highly recommended that you have Apache Virtual Hosts configured for the domain you wish to encrypt.

Ready? Let’s secure that site!

Step 1: Installing the EPEL Release

Our first step is to enable access to the Extra Packages for Enterprise Linux (EPEL) repository. This repository contains the essential dependencies we need for Certbot (the tool that handles the Let’s Encrypt process) to work correctly on CentOS.

Open your terminal and execute the following command:

sudo yum install epel-release

You will be prompted to confirm the installation by typing Y for yes. Once confirmed, allow the package manager to download and install the release.

Step 2: Installing Certbot and Apache SSL Modules

With EPEL in place, we can now install the core components needed to communicate with Let’s Encrypt and configure Apache for SSL traffic. We need three key components: the main Apache server package (httpd), the SSL module (mod_ssl), and the Python Certbot tool specifically designed to interact with Apache (python-certbot-apache).

Run the following command:

sudo yum install httpd mod_ssl python-certbot-apache

Again, confirm the installation when prompted by typing Y. This step fetches everything required for the secure connection.

Pro Tip: Type clear in your terminal at any point to tidy up your screen before moving to the next command.

Step 3: Running Certbot to Generate the SSL Certificate

Now that all the tools are installed, we can run the Certbot script. This script will automatically verify your domain ownership, generate the free Let’s Encrypt certificate, and configure your Apache virtual host files—all in one go!

We use the --apache flag to tell Certbot we are working with an Apache server, and the -d flag to specify the domain we want to secure.

Replace yourdomain.com with the actual domain name you have configured in your Virtual Host:

sudo certbot --apache -d yourdomain.com

Key Prompts During Execution

When you run the command, Certbot will do the following automatically:

  1. Obtain New Certificate: It contacts the Let’s Encrypt servers and begins the validation process.
  2. Verify Domain: It confirms that you control the specified domain name.
  3. Generate Key: It creates the security key required for the certificate.

You will then be presented with a critical configuration choice:

Secure or Redirect?

Certbot will ask how you want to handle existing non-secure HTTP traffic:

  1. No redirect - make no further changes to the web server configuration.
  2. Redirect - Make all requests redirect to secure HTTPS access. (Recommended)

To ensure the highest level of security and prevent visitors from accidentally using the insecure HTTP link, always select option 2 (Redirect). Type 2 and press Enter.

Step 4: Finalizing the Installation and Verification

Certbot will now automatically update your Apache configuration file to point to the newly generated SSL certificate files and apply the redirect rule.

The final necessary step is to restart Apache to load the new secure configuration settings.

sudo systemctl restart httpd

Verification

Once Apache has successfully restarted, open your web browser and navigate to your domain (e.g., http://yourdomain.com).

What you should see:

  • The URL should automatically resolve to https://yourdomain.com.
  • You will see the glorious padlock icon next to your URL, confirming that your site is now running on a secure HTTPS connection provided by Let’s Encrypt!

Conclusion

That’s all there is to it! In just a few easy steps, you have successfully secured your website with a free, professional-grade SSL certificate using Let’s Encrypt on your CentOS and Apache server. Give yourself a pat on the back—you’ve made a huge leap toward better security and improved SEO!

If you encountered any bumps in the road or have questions about maintenance (like automatic certificate renewal), drop a comment below. I do my best to respond and help everyone through the process!

Don’t forget to Like this post and Subscribe to Darren’s Tech Tutorials for more clear, practical technology guides! Happy coding!