The following configuration is for demonstration purposes only. It is vitally important that the certificate directories be secured: only the “webadmin” user/group (with SELinux enforcing) should have access to them, to slow down potential breaches and signature tampering.
Method 1:
Source: https://certbot.eff.org/lets-encrypt/centosrhel7-haproxy
yum -y install yum-utils
yum-config-manager --enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional
yum -y install certbot
certbot certonly --webroot -w /var/www/certs -d dragoncoin.com -d www.dragoncoin.com
Method 2:
cd /etc/letsencrypt/
wget
chmod a+x certbot-auto
# Quote the wildcard names so the shell cannot glob-expand them against files in the current directory
/etc/letsencrypt/certbot-auto certonly --manual -d '*.kimconnect.com' -d kimconnect.com --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory
cd /etc/letsencrypt/
/etc/letsencrypt/certbot-auto certonly --manual -d '*.dragoncoin.com' -d dragoncoin.com --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory
##### Completed SSL Cert Registration #####
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/dragoncoin.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/dragoncoin.com/privkey.pem
Your cert will expire on 2019-05-03. To obtain a new or tweaked
version of this certificate in the future, simply run certbot-auto
again. To non-interactively renew *all* of your certificates, run
"certbot-auto renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
# Optional: Generate the .key file
# Move certbot-auto into appropriate directory
mv certbot-auto /etc/letsencrypt/
# Edit Crontab
crontab -e
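# Set renewal every 2nd month, on the 1st at 2:00AM
# (Let's Encrypt certificates are valid for 90 days, so a 3- or 4-month interval lets them expire before the job runs)
0 2 1 */2 * /etc/letsencrypt/certbot-auto renew --force-renew && systemctl restart nginx >/dev/null 2>&1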
# Combine fullchain with private key into one file
# umask 077 makes the combined file (which contains the private key) readable by its owner only
DOMAIN='dragoncoin.com' sudo -E bash -c 'umask 077; cat /etc/letsencrypt/live/$DOMAIN/fullchain.pem /etc/letsencrypt/live/$DOMAIN/privkey.pem > /etc/letsencrypt/live/$DOMAIN/$DOMAIN.pem'
DOMAIN='kimconnect.com' sudo -E bash -c 'umask 077; cat /etc/letsencrypt/live/$DOMAIN/fullchain.pem /etc/letsencrypt/live/$DOMAIN/privkey.pem > /etc/letsencrypt/live/$DOMAIN/$DOMAIN.pem'
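The combine step above, written as a reusable function that can be re-run after every renewal. This is an added example, not part of the original post; the function name build_combined_pem and its two arguments are assumptions made for illustration. It refuses missing or malformed inputs and replaces the combined file atomically with owner-only permissions.

```shell
#!/bin/sh
# Added example, not from the original post.
# build_combined_pem LIVE_DIR DOMAIN   (hypothetical helper name)
# Writes LIVE_DIR/DOMAIN/DOMAIN.pem (fullchain + private key), mode 600.
build_combined_pem() {
    live_dir=$1
    domain=$2
    src="$live_dir/$domain"
    out="$src/$domain.pem"

    # Refuse to build from missing or empty inputs (e.g. a failed renewal).
    for f in fullchain.pem privkey.pem; do
        if [ ! -s "$src/$f" ]; then
            echo "missing or empty: $src/$f" >&2
            return 1
        fi
    done

    # Cheap sanity check that each file holds the kind of PEM block expected,
    # so a swapped or truncated file is caught before the proxy reloads it.
    if ! grep -q -e '-----BEGIN CERTIFICATE-----' "$src/fullchain.pem"; then
        echo "no certificate in $src/fullchain.pem" >&2
        return 1
    fi
    if ! grep -q -e 'PRIVATE KEY-----' "$src/privkey.pem"; then
        echo "no private key in $src/privkey.pem" >&2
        return 1
    fi

    (
        # Subshell: the tightened umask does not leak into the caller.
        umask 077
        # Temp file in the same directory so mv is an atomic rename; a reader
        # never sees a half-written file or one with looser permissions.
        tmp=$(mktemp "$src/.$domain.pem.XXXXXX") || exit 1
        if cat "$src/fullchain.pem" "$src/privkey.pem" > "$tmp" \
            && chmod 600 "$tmp" \
            && mv -f "$tmp" "$out"; then
            exit 0
        fi
        rm -f "$tmp"
        exit 1
    )
}

# Usage on this page's layout (run as root):
#   build_combined_pem /etc/letsencrypt/live dragoncoin.com
```

Calling this after each renewal keeps the combined file in step with the renewed certificate. Access for the “webadmin” group mentioned at the top would need an additional chgrp and mode 640, which this example does not do.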