Install certbot.

yum install python2-certbot-apache

Setup the VirtualHost *:80 entry in your apache configuration for domain.com. This will generate the certificates and the file domain.com-le-ssl.conf with the VirtualHost *:443 configuration for domain.com.

certbot --apache -d domain.com

Check which certificates were generated.

certbot certificates

To auto renew the certificate, check if the cron timer was installed (on some OS it may not):

systemctl status certbot.timer

If the previous timer was not found, we can add a cron job. This will renew (if necessary - it will check first) all apache certificates deployed with let's encrypt.

sudo crontab -e
0 0,12 * * * root certbot -q renew --apache