Showing posts with label SSL. Show all posts
Showing posts with label SSL. Show all posts

Thursday, August 24, 2023

Generating SSL Certificates for Websites on Non-Standard Ports

Ensuring secure communication is essential for websites, even if they are not published on the default ports 80 or 443. This guide demonstrates how to obtain SSL certificates using Certbot when your website is hosted on a non-standard port. We'll walk through the steps using a generalized URL and domain name for clarity.


Before starting, make sure you have the following:
  • A server hosting your website is accessible via a specific port.
  • Domain name and DNS management access for the domain.

Step 1: Install Certbot

Begin by installing Certbot using the following commands

sudo dnf install epel-release -y sudo dnf install certbot -y

Step 2: Generate SSL Certificate

Generate an SSL certificate using Certbot's manual mode with DNS challenge. Replace with your actual domain name.

sudo certbot --manual --preferred-challenges dns certonly -d

Follow the prompts provided by Certbot. You'll be asked to add a specific DNS TXT record to your DNS configuration to prove domain ownership.

Step 3: Certificate Location

Upon successful completion, Certbot will provide a confirmation message and indicate the location where the certificate and key files are stored. These files will be required for your web server's SSL configuration plaintext

Certificate is saved at: /etc/letsencrypt/live/ 
Key is saved at: /etc/letsencrypt/live/

Step 4: Next Steps

The certificate obtained is not set to automatically renew. To renew it, repeat the same Certbot command before the certificate's expiration date.

Remember, you'll need to configure your web server to use the obtained SSL certificate. or else replace the old certificates with new certificates with same name.