Install certbot
yum install epel-release -y
yum install certbot -y
create ssl cert
certbot certonly -d "*.example.com" -d example.com --manual --preferred-challenges dns
add txt record to the dns
Check validity
openssl x509 -noout -dates -in /etc/letsencrypt/live/sohopay.com/cert.pem
Renew
echo "certbot renew" > /root/sslrenew.sh
chmod +x /root/sslrenew.sh
Add to crontab
0 0 1 * * /root/sslrenew.sh