Certbot
Ubuntu 24.04 LTS
$ sudo apt update && sudo apt upgrade
$ sudo apt install python3-certbot-nginx # For Nginx
$ sudo apt install python3-certbot-apache # For Apache
Request a new Let’s Encrypt SSL certificate and install the certificate.
$ sudo certbot --nginx -d www.example.com
Verify that Certbot auto-renews the SSL certificate upon expiry.
$ sudo certbot renew --dry-run
$ sudo certbot certificates
$ sudo certbot delete --cert-name www.example.com
CentOS 7 & 8
$ sudo yum install epel-release
$ sudo yum install certbot python3-certbot-nginx # For Nginx
$ sudo yum install certbot python3-certbot-apache # For Apache
Automatically Obtain and Install Certificates
$ sudo certbot --nginx
$ sudo certbot --apache
Using Standalone Mode to Generate Certificates
$ sudo systemctl stop nginx
$ sudo certbot certonly --standalone -d example.com -d www.example.com
$ sudo systemctl start nginx
Obtain a certificate by writing to the Webroot directory of a running Web server.
$ certbot certonly --webroot -w /var/www/example -d www.example.com
Test Certificate Renewal Process
$ sudo certbot renew --dry-run
Manual renewal of certificates
$ sudo certbot renew
Notes
Port 80 needs to be reachable from the internet for the http-01 challenge, not just port 443.