I like to use secure communication as much as possible since we never know what new threats are out on the web. I don’t think I’ve got the skill set to battle of the best hackers, but stopping at least the script kiddies and such should be possible.
So first I ran a update so that I was sure everything is good to go.
sudo yum update
I then went and install git so that I can download the letsencrypt software.
sudo yum install git
I then downloaded letsencrypt and setup apache for ssl.
sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
./letsencrypt-auto --apache -d example.com -d www.example.com
You get some questions and one of them are if you want http and https or redirect to https. I chose redirect since I want the site to always use https.
Letsencrypt puts the files in /etc/httpd/sites-enabled so I moved the to sites-avaliable and made a symlink to enabled instead.
After a restart of httpd the site is up and running with https 🙂
I then ran a test of the server on ssl labs ssl test.
It complained about SSLv3, so I had to fix that.
So I located ssl.conf under /etc/httpd/conf.d and located
SSLProtocol all -SSLv2
and added -SSLv3 to it.