I want say very short steps to make you page secure SSL with “Let’s Encrypt”
Our case, we consider a server where we have ssh access, and we can modify configuration files from apache and restart services.
First step, install certbot.
yum install certbot
Second, request key for you webpage:
certbot certonly –webroot -w /var/www/html/roundcubemail/ -d webmail.your-domain.com
If you run for the first time here, you will get some questions:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Enter email address (used for urgent renewal and security notices) (Enter ‘c’ to
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
Next step you will get the key !
– Congratulations! Your certificate and chain have been saved at:
Your key file has been saved at:
Your cert will expire on 2018-10-07. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew *all* of your certificates, run
– Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
– If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
Final step create you own VHOST config in web server.
CustomLog /var/log/httpd/webmailssl_access.log common
and restart you apache server: systemctl restart httpd