Dr. Jeannot Muller

By the time of writing this article the installation of certbot on CentOS 8 is facing a few challenges. This guide will show you how to install Let's Encrypt on CentOS 8.

First of all it is always a good idea to check if your release is running the newest updates:

yum -y update

Then we need to enable the Powertools: therefore we need to change the flag 'enabled = 0' to 'enabled = 1' in he following file.

vi  /etc/yum.repos.d/CentOS-PowerTools.repo
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client.  You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#

[PowerTools]
name=CentOS-$releasever - PowerTools
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=PowerTools&infra=$infra
#baseurl=http://mirror.centos.org/$contentdir/$releasever/PowerTools/$basearch/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial

After this change we are activating EPEL,  extra packages for enterprise linux.

yum -y install epel-release

After these changes, certbot can be installed without any issues:

dnf install certbot

Please ensure that your firewall settings are correct. You need 443 port open for secure https communication, but Let's Encrypt needs initially a communication via port 80 to gather the necessary information for the to be issued certificates:

firewall-cmd --permanent --add-port=80/tcp
firewall-cmd --permanent --add-port=443/tcp
firewall-cmd --reload

You will now find certbot in the following folder:

/usr/bin/certbot

This has been tested on a brand new CentOS installation from UpCloud.