Ensuring secure communication is essential for websites, even if they are not published on the default ports 80 or 443. This guide demonstrates how to obtain SSL certificates using Certbot when your website is hosted on a non-standard port. We'll walk through the steps using a generalized URL and domain name for clarity.
Prerequisites
Before starting, make sure you have the following:
- A server hosting your website that is accessible via a specific port.
- Domain name and DNS management access for the domain.
Step 1: Install Certbot
Begin by installing Certbot using the following commands:
sudo dnf install epel-release -y
sudo dnf install certbot -y
Step 2: Generate SSL Certificate
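Generate an SSL certificate using Certbot's manual mode with the DNS challenge. The DNS challenge proves control of the domain through a TXT record, so the certificate authority does not need to reach your server on port 80 or 443. Replace your.domain.com with your actual domain name.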
sudo certbot --manual --preferred-challenges dns certonly -d your.domain.com
Follow the prompts provided by Certbot. You'll be asked to add a specific DNS TXT record to your DNS configuration to prove domain ownership.
Step 3: Certificate Location
Upon successful completion, Certbot will provide a confirmation message and indicate the location where the certificate and key files are stored. These files will be required for your web server's SSL configuration.
Certificate is saved at: /etc/letsencrypt/live/your.domain.com/fullchain.pem
Key is saved at: /etc/letsencrypt/live/your.domain.com/privkey.pem
Step 4: Next Steps
The certificate obtained is not set to automatically renew. To renew it, repeat the same Certbot command before the certificate's expiration date.
Remember to configure your web server to use the obtained SSL certificate, or else replace the old certificate files with the new ones under the same names.
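Because this certificate does not renew on its own and the files may be swapped in by hand, the following script (an added example, not part of the original guide) reports whether the certificate from Step 3 is close to expiry and whether privkey.pem actually belongs to it. The 21-day WARN_DAYS threshold and the "check" argument are assumptions of this example; the paths follow the layout shown in Step 3.

```shell
#!/bin/sh
# Added example: expiry and key-pair check for a manually issued certificate.
# LIVE follows the Step 3 layout; WARN_DAYS (21) is an assumed threshold.
LIVE="${LIVE:-/etc/letsencrypt/live/your.domain.com}"
WARN_DAYS="${WARN_DAYS:-21}"

# Print OK, RENEW, EXPIRED or UNREADABLE for certificate file $1,
# where $2 is the number of days of remaining validity required for OK.
# openssl reads only the first certificate in fullchain.pem, which is the leaf.
cert_status() {
    if ! openssl x509 -in "$1" -noout >/dev/null 2>&1; then
        echo UNREADABLE
    elif ! openssl x509 -in "$1" -noout -checkend 0 >/dev/null 2>&1; then
        echo EXPIRED
    elif ! openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null 2>&1; then
        echo RENEW
    else
        echo OK
    fi
}

# Print MATCH when private key $2 belongs to certificate $1, else MISMATCH.
# Compares the public key embedded in the certificate with the one derived
# from the private key; a mismatched pair makes the web server fail on reload.
key_status() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || cert_pub=""
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || key_pub=""
    if [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]; then
        echo MATCH
    else
        echo MISMATCH
    fi
}

# Run against the live files only when called as: sudo ./certcheck.sh check
if [ "${1:-}" = "check" ]; then
    status=$(cert_status "$LIVE/fullchain.pem" "$WARN_DAYS")
    pair=$(key_status "$LIVE/fullchain.pem" "$LIVE/privkey.pem")
    echo "certificate: $status, key pair: $pair"
    [ "$status" = "OK" ] && [ "$pair" = "MATCH" ] || exit 1
fi
```

A non-zero exit means it is time to repeat the Certbot command from Step 2, or that the key and certificate files were not replaced together.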