Using Let’s Encrypt with CentOS (for now)

CentOS 6 users, because Let’s Encrypt requires at least Python 2.7 to run you need to install a newer version. Luckily you can install 2.7 version aside to the 2.6 version already in your system. To do that you need to put in IUS repository. The installation process is actually very easy. All you need to do is:

yum install


yum install python27 python27-virtualenv

Once you did that, or if you’re on CentOS 7 make sure to have git installed by doing:

yum install git

Then download the Let’s Encrypt source code:

git clone

Change directory and launch the tool for the firs time:

cd letsencrypt
This will install everything needed on your server and prepare the tool. When this is all done you need to stop your webserver (I guess this is a temporary thing) something like:
service httpd stop
Change http with whatever your webserver is. When the daemon is stopped you can request your certificate
./letsencrypt-auto --agree-tos --email -d -d -d certonly
You can put as many “-d” options as you like/have on your server. This way you can create a single certificate for all the domains/hosts that you have on your server.
Note that the email address should be one that you are able to receive notification mails for when your certificate is about to expire.
Then you need to configure your webserver to use the certificate. This is an example on how to configure your Apache httpd server.
<VirtualHost YOUR_IP:443>
       SuexecUserGroup yourdomain yourdomain
       DocumentRoot /home/yourdomain/htdocs
       SSLEngine on
       SSLProtocol all -SSLv2 -SSLv3
       SSLHonorCipherOrder On
       SSLCertificateFile /etc/letsencrypt/live/
       SSLCertificateKeyFile /etc/letsencrypt/live/
       SSLCertificateChainFile /etc/letsencrypt/live/
       ErrorLog /home/yourdomain/log/error_log
       LogLevel debug
       CustomLog /home/yourdomain/log/access_log combined