certbot free ssl

Install certbot

yum install epel-release -y
yum install certbot -y

create ssl cert

certbot certonly -d "*.example.com" -d example.com --manual --preferred-challenges dns

add txt record to the dns

Check validity

openssl x509 -noout -dates -in /etc/letsencrypt/live/sohopay.com/cert.pem

Renew

echo "certbot renew" > /root/sslrenew.sh
chmod +x /root/sslrenew.sh

Add to crontab

0 0 1 * * /root/sslrenew.sh