Automatic generate / renew Let's Encrypt certificates

Install certbot.

yum install python2-certbot-apache

Setup the VirtualHost *:80 entry in your apache configuration for domain.com. This will generate the certificates and the file domain.com-le-ssl.conf with the VirtualHost *:443 configuration for domain.com.

certbot --apache -d domain.com

Check which certificates were generated.

certbot certificates

To manual renew ALL ceritificates:

certbot renew
systemctl restart httpd (to apply changes if Apache server is used)

To auto renew the certificate, check if the cron timer was installed (on some OS it may not):

systemctl status certbot.timer

If the previous timer was not found, we can add a cron job. This will renew (if necessary - it will check first) all apache certificates deployed with let's encrypt.

sudo crontab -e
0 0,12 * * * root certbot -q renew --apache