Installing apache and SSL in Centos 8 / Alma Linux 8

sachin · June 20

Step 1 — Installing Apache

Apache is available within CentOS’s default software repositories, which means you can install it with the yum package manager.

yum install httpd
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --reload

Step 2 — Checking your Web Server

systemctl start httpd
systemctl status httpd

Step 3 — Setting Up Virtual Hosts

Add in the following configuration block, and change the your_domain domain to your domain name: /etc/httpd/conf.d/example.com.conf

<VirtualHost *:80>
    ServerName example.com
    ServerAlias example.com
    DocumentRoot /var/www/example.com/html
    ErrorLog /var/log/httpd/example.com.error.log
    CustomLog /var/log/httpd/example.com.requests.log combined
</VirtualHost>

and restart httpd service

systemctl start httpd

You can test this by navigating to http://example.com, where you should see default apache page

Step 4 — Installing the Certbot Let’s Encrypt Client

To use Let’s Encrypt to obtain an SSL certificate, you first need to install Certbot and mod_ssl, an Apache module that provides support for SSL v3 encryption.

The certbot package is not available through the package manager by default. You will need to enable the EPEL repository to install Certbot.

yum install epel-release
yum install certbot python3-certbot-apache mod_ssl

Step 5 — Obtaining a Certificate

certbot --apache -d example.com

The program will present you with a step-by-step guide to customize your certificate options. It will ask you to provide an email address for lost key recovery and notices, and then prompt you to agree to the terms of service. If you did not specify your domains on the command line, you will be prompted for that as well. If your Virtual Host files do not specify the domain they serve explicitly using the ServerName directive, you will be asked to choose the virtual host file. In most cases, the default ssl.conf file will work.

You will also be able to choose between enabling both http and https access or forcing all requests to redirect to https. For better security, it is recommended to choose the option 2: Redirect if you do not have any special need to allow unencrypted connections. Select your choice then hit ENTER.

You can test this by navigating to https://example.com, where you should see default apache page