Anyone that has set up a web or an application server knows how challenging it is to deal with requesting, verifying and install an SSL/TLS certificate is. Fast forward into the future of today…

Let's Encrypt!
Let’s Encrypt is a certificate authority that has been created by the Linux Foundation with community support to tackle these challenges, a big part of EFF’s mission to encrypt the Web. They claim: “No validation emails, no complicated configuration editing, no expired certificates breaking your website. And of course, because Let’s Encrypt provides certificates for free, no need to arrange payment.”

There are 1,358,780 certificates issued to date and that number is growing by the minute. You can check all the issues certificates here.

The official client software “Certbot” is easy to use and completely open source.
certbot
You can grab it and see the help file using the following command:

$ git clone https://github.com/certbot/certbot && cd certbot && chmod a+x certbot-auto && ./certbot-auto —help

To create a certificate and reconfigure apache to use it on a Centos6 machine this should do the trick.

sudo ./certbot-auto --apache --email youremail@yourdomain.tld --agree-tos --webroot -w /var/www/html/ -d subdomain.domain.tld -d www.subdomain.domain.tld

For more advanced and automated configuration instruction visit the Certbot homepage. If you need any help leave a reply in the comment section.

Martin Markovski,
Director Of Technology