証明書取得
yum install certbot
vi /etc/httpd/conf.d/httpd-acme.conf
Alias /.well-known/acme-challenge/ "/var/lib/letsencrypt/.well-known/acme-challenge/"
<Directory "/var/lib/letsencrypt/">
AllowOverride None
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
Require method GET POST OPTIONS
</Directory>
mkdir -p /var/lib/letsencrypt/.well-known
service httpd reload
certbot certonly --email email@example.com --webroot -w /var/lib/letsencrypt/ -d www.domain.tld,domain.tld --agree-tos
vi /etc/cron.d/certbot-renew
0 0 * * * root certbot renew --deploy-hook "service httpd reload" 1>>/var/log/certbot-renew.log 2>&1参考
https://wiki.archlinux.jp/index.php/Certbot
【Certbot】CentOS7+Apache2.4にLet’s Encryptで証明書発行 - タイガーラック株式会社 2023
