MervCodes

Tech Reviews From A Programmer

ApacheCentOSLinuxServer

How to Setup Let's Encrypt FREE SSL Certificate on CentOS 6

2 min read

DEPRECATION NOTICE (2026): CentOS 6 reached end-of-life on November 30, 2020 and no longer receives security updates. The certbot-auto script referenced below was also deprecated in 2021. If you are setting up SSL on a new server, use Rocky Linux 9, AlmaLinux 9, or Ubuntu 22.04 LTS with the standard certbot package (sudo dnf install certbot or sudo apt install certbot). This article is preserved for historical reference only.

I wrote this guide back in 2017 when I was setting up SSL for client sites on CentOS 6 servers. Let's Encrypt had just become the go-to solution for free SSL certificates, and HTTPS was starting to become mandatory — Google was using it as a ranking signal and browsers were slapping "Not Secure" warnings on HTTP sites.

While CentOS 6 is now long dead, I'm keeping this here for the handful of people who might still be maintaining legacy servers.

TL;DR: Setting up free SSL certificate on CentOS 6 using Let's Encrypt. A step-by-step guide to securing your website with HTTPS at no cost.

Prerequisites

  • CentOS 6 server with root access
  • Apache installed and running
  • A domain name pointing to your server's IP address

Step 1: Install Certbot

Since CentOS 6 uses an older version of Python, we need to use the certbot-auto script:

cd /usr/local/bin
wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto

Step 2: Obtain the Certificate

Run certbot with the Apache plugin:

/usr/local/bin/certbot-auto --apache -d yourdomain.com -d www.yourdomain.com

Follow the interactive prompts. Certbot will:

  1. Verify that you own the domain
  2. Generate the SSL certificate
  3. Automatically configure Apache to use it

Step 3: Set Up Auto-Renewal

Let's Encrypt certificates expire every 90 days. Set up a cron job to automatically renew them:

crontab -e

Add this line:

0 3 * * * /usr/local/bin/certbot-auto renew --quiet

This checks for renewal every day at 3 AM and renews any certificates that are within 30 days of expiration.

Step 4: Verify

Test your SSL setup by visiting https://yourdomain.com. You can also use SSL Labs to get a full security report on your certificate configuration.

Note: CentOS 6 reached end of life in November 2020. If you're still running CentOS 6, strongly consider upgrading to a supported OS like AlmaLinux 8/9 or Rocky Linux for continued security updates.

Sources

  1. MDN Web Docs
  2. Node.js Documentation
  3. Next.js Documentation

Related Articles

Node.jsLinux

How to Fix ENOSPC: System Limit for Number of File Watchers Reached

Fix the ENOSPC file watcher limit error in Node.js and development tools. Learn why it happens and permanent solutions for Linux systems.

HostingPHP

Should I use WP Engine to host my WordPress site?

Every hosting company seems to have an ace up their sleeve, it is just that most times, it doesn't work for everyone. Let's look at WP Engine and whether it's worth the premium price.

AWSElastic Beanstalk

Unable to delete AWS Elastic Beanstalk Environment

When you try to terminate an Elastic Beanstalk environment, sometimes it fails due to dependent resources. Here's how to fix it.

← Back to all posts