Home  »  ArticlesGuidesHardwareLibrariesProgrammingSoftwareTechnologyTools   »   How to Install SSL Certificates on Rocky Linux 8.10 Systems

How to Install SSL Certificates on Rocky Linux 8.10 Systems

Securing your web server with SSL/TLS certificates is crucial for protecting sensitive data and ensuring secure communication between clients and servers. This guide will walk you through the process of installing SSL certificates on a Rocky Linux 8.10 system.


Before you start, ensure you have:

  • A running Rocky Linux 8.10 system
  • A user account with sudo privileges
  • Internet connectivity to download packages
  • A registered domain name pointing to your server’s IP address

Step 1: Update Your System

First, update your system to ensure all existing packages are up to date.

$ sudo dnf update -y

Step 2: Install Apache or Nginx

You need a web server to install the SSL certificate on. This guide will cover the installation for both Apache and Nginx.

For Apache:

$ sudo dnf install httpd -y
$ sudo systemctl start httpd
$ sudo systemctl enable httpd

For Nginx:

$ sudo dnf install nginx -y
$ sudo systemctl start nginx
$ sudo systemctl enable nginx

Step 3: Install Certbot

Certbot is a tool that automates the process of obtaining and renewing SSL certificates from Let’s Encrypt.

For Apache:

$ sudo dnf install certbot python3-certbot-apache -y

For Nginx:

$ sudo dnf install certbot python3-certbot-nginx -y

Step 4: Obtain an SSL Certificate

Use Certbot to obtain an SSL certificate. Certbot will automatically configure your web server to use the certificate.

For Apache:

$ sudo certbot --apache

For Nginx:

$ sudo certbot --nginx

You will be prompted to enter your email address and agree to the terms of service. Certbot will then automatically obtain and install the SSL certificate for your domain.

Step 5: Verify the Installation

After obtaining and installing the SSL certificate, you can verify the installation by accessing your website using https://. You can also use the curl command to check the HTTPS headers:

$ curl -I https://your_domain

You should see HTTP headers indicating a successful HTTPS connection.

Step 6: Set Up Automatic Renewal

Let’s Encrypt certificates are valid for 90 days. Certbot can automatically renew the certificates before they expire. To set up automatic renewal, create a cron job.

Open the crontab for editing:

$ sudo crontab -e

Add the following line to the crontab to check for renewal twice a day:

0 */12 * * * /usr/bin/certbot renew --quiet

This cron job will run the Certbot renew command twice a day and renew any certificates that are within 30 days of expiration.

Step 7: Troubleshooting

If you encounter any issues during the installation or renewal process, Certbot provides detailed logs that can help you diagnose the problem. The logs are located in /var/log/letsencrypt.

You can also test your SSL configuration using online tools like SSL Labs’ SSL Test.


You have successfully installed SSL certificates on your Rocky Linux 8.10 system using Certbot and Let’s Encrypt. Your web server is now secured with HTTPS, ensuring encrypted communication between your server and clients. For more detailed configurations and advanced usage, refer to the official documentation of each component:


Found this article interesting? Follow Brightwhiz on Facebook, Twitter, and YouTube to read and watch more content we post.