SYS 360 Lab 8 2: Let's Encrypt for TLS - JadenGil/Jaden-Tech-Journal GitHub Wiki

Acquire a Sub-Domain to use for your server (using DuckDNS):

To start things off let's record the public IP from the instance that we created in the last lab:

image

Then go to duckdns.org, login, and add a domain:

image

Then in a new powershell instance nslookup the new domain:

image

Use Certbot to acquire a certificate for your server

Back in the ssh instance that we connected to in the last lab we will want to install certbot using sudo wget -r --no-parent -A 'epel-release-*.rpm' https://archives.fedoraproject.org/pub/archive/epel/7/x86_64/Packages/e/ followed by sudo rpm -Uvh archives.fedoraproject.org/pub/archive/epel/7/x86_64/Packages/e/epel-release-*.rpm

Then we want to enable it using sudo yum-config-manager --enable epel* and confirm that it's enabled using sudo yum repolist all

image

Then we want to edit the file /etc/httpd/conf/httpd.conf and add the following information underneath the listen 80 part:

image

Then we will save the file and install the certbot dependencies using sudo yum install -y certbot python2-certbot-apache and we will run certbot with sudo certbot You will be asked several questions once certbot is run. Select "Y" for the first "Y" or "N" is fine for the second and leave the third blank and you will get the following output:

image

Deliverable:

image