In the next installment of the Your Own FreeBSD Server series, we’ll install a TSL/SSL certificate.
TLS (Transport Layer Security) – an Internet-standard extension of the SSL (Secure Socket Layer) protocol, originally designed by Netscape Communications. TLS ensures the confidentiality and integrity of data transmission, as well as server and sometimes client authentication. It relies on asymmetric encryption and X.509 certificates.
We’ll install the Let’s Encrypt certificate using the Certbot tool.
pkg search certbot
For Apache:
pkg install py311-certbot-apache
For Nginx:
pkg install py311-certbot-nginx
To automatically renew certificates, add this line:
weekly_certbot_enable=”YES”
to the file:
/etc/periodic.conf
Make sure the SSL module is enabled, in the file:
/usr/local/etc/apache24/httpd.conf
line:
LoadModule ssl_module libexec/apache24/mod_ssl.so
and:
LoadModule rewrite_module libexec/apache24/mod_rewrite.so
Installing the certificate for Apache:
certbot –apache -d doamin.com -d www.comain.com
Installing the certificate for Nginx:
certbot –nginx -d domain.com -d www.domain.com
Check if the configuration is correct:
apachectl configtest
Then restart Apache:
service apache24 restart
or restart Nginx:
service nginx restart
These are general instructions for installing the Let’s Encrypt certificate using Certboot on a FreeBSD system.
Depending on your server settings, your configuration may look slightly different.
In the next, fifth installment of the series, we will install an FTP server.
