The magic moment is here. We have Apache, we have snapd, it is time for


Remove any old Certbot, and install new Certbot
sudo dnf remove certbot
sudo snap install --classic certbot
ERROR: I tried running the install right away, and go this error

FIX: Waiting a couple minutes and trying again resolved this issue, and I got Certbot 2.6.0.
More symbolic linking to glue Certbot into place
sudo ln -s /snap/bin/certbot /usr/bin/certbot
Using Certbot
Alright, with certbot in place, there are a couple options (See the instructions page), but I just wanted to try the easiest version first
sudo certbot --apache
Certbot will prompt you for the virtual hosts (they must already be configured in Apache on port 80) and maybe your email address. Then it will set about obtaining the requested SSL certs



ERROR: If you get an error like:

FIX: Go back to the Apache installation post, and be sure your Virtual Host is configured.
Revisiting Apache
I am basing these instructions from this Stack Overflow post – as it states, we are not quite out of the woods. First, uncomment out the 443 lines previously commented out (or if you skipped them, now is the time to append them to the previous text in that file) from the /etc/httpd/conf.d/yourdomain.conf file
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName yourDomainName.com
DocumentRoot /var/www/html
ServerAlias www.yourDomainName.com
ErrorLog /var/www/error.log
CustomLog /var/www/requests.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
LogLevel alert rewrite:trace3
SSLCertificateFile /etc/letsencrypt/live/yourDomainName.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourDomainName.com/privkey.pem
</VirtualHost>
</IfModule>
Certbot already modified my .conf file for me, but you will need something like the below in your port 80 config, so the site automatically redirects to port 443:
#this goes in at the bottom 3 lines of the VirtualHost *:80 section
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
now it is time to restart Apache and see how we did, yeah?
sudo systemctl restart httpd
My domain automatically redirected and the browser reports the domain is secured
