How to Setup Let's Encrypt FREE SSL Certificate on CentOS 6

Setting up free SSL certificate on CentOS 6 using Let's Encrypt. HTTPS is no longer optional -- Google uses it as a ranking signal, and browsers now show "Not Secure" warnings for HTTP sites. Let's Encrypt makes it free and straightforward to add SSL to your server.

Prerequisites

• CentOS 6 server with root access
• Apache installed and running
• A domain name pointing to your server's IP address

Step 1: Install Certbot

Since CentOS 6 uses an older version of Python, we need to use the certbot-auto script:

cd /usr/local/bin
wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto

Step 2: Obtain the Certificate

Run certbot with the Apache plugin:

/usr/local/bin/certbot-auto --apache -d yourdomain.com -d www.yourdomain.com

Follow the interactive prompts. Certbot will:

1. Verify that you own the domain
2. Generate the SSL certificate
3. Automatically configure Apache to use it

Step 3: Set Up Auto-Renewal

Let's Encrypt certificates expire every 90 days. Set up a cron job to automatically renew them:

crontab -e

Add this line:

0 3 * * * /usr/local/bin/certbot-auto renew --quiet

This checks for renewal every day at 3 AM and renews any certificates that are within 30 days of expiration.

Step 4: Verify

Test your SSL setup by visiting https://yourdomain.com. You can also use SSL Labs to get a full security report on your certificate configuration.

Note: CentOS 6 reached end of life in November 2020. If you're still running CentOS 6, strongly consider upgrading to a supported OS like AlmaLinux 8/9 or Rocky Linux for continued security updates.