Prerequisites
Running Fedora system with shell access A domain/sub domain pointed to server IP address via public DNS server. For this tutorial, we use webhost.tecadmin.net.
Step 1 – Install Apache
First of all, Install the Apache webserver on your Fedora system. The default package repositories contain Apache packages. You can directly install them using the following command:
How to Install LAMP on Fedora
Step 2 – Create VirtualHost in Apache
For this tutorial, I have created an index.html file under the default document root. Similarly, you can place your application under the document root of your domain. After that, create a VirtualHost configuration file binding with port 80.
Save and close the configuration file. Then restart the Apache service to reload the configuration file.
Step 3 – Setup Let’s Encrypt (Certbot) Client
The Certbot ACME is a client application recommended by Let’s Encrypt for systems with shell access. It provides hassle-free automation of certificate issuance, installation, and renewal. You can install the certbot package along with certbot plugin for Apache using following command: Above command will add certbot utility in your system. Execute the below command to get more help about certbot command.
Step 4 – Create Let’s Encrypt Certificate
Now, you can request let’s encrypt to issue an SSL certificate for your domain. You need to run the certbot command for the Apache server as following: This will list all the virtual hosts configured with Apache on current server. Select the appropriate number with the comma separated. See below screenshot:
Let’s encrypt will start the verification process for your domain. Make sure the domain you selected is pointed to this server via the public DNS server. On successful verification, SSL will be issued for your domain. A separate SSL VirtualHost configuration file will be created for your domain. Please choose whether or not to redirect HTTP traffic to HTTPS:
1: No redirect – Make no further changes to the webserver configuration. 2: Redirect – Make all requests redirect to secure HTTPS access.
Enter a number of your choice and press enter. You can also change it latest by directly editing configuration files. Once the SSL configuration completed successfully, you will see a congratulations message on your screen.
Step 5 – Verify Certificate
The Let’s Encrypt SSL has been successfully configured for your domain. This certificate is issued for 3 months only, You can renew it before expiration. Let’s check the certificate by accessing your site in a web browser.
Conclusion
You have successfully secured your website with free Let’s Encrypt SSL certificate. Follow our next tutorial to setup Let’s Encrypt Auto SSL renewal with crontab. The Fedora systems will have default TLS 1.2 and TLS 1.3 enabled.