1) The official packages in EPEL are broken (at least I was unable to install them). 2) Guide on https://www.svennd.be/lets-encrypt-with-centos-6-7/ https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-reg HTTP/1.1" 500 109 Received response: HTTP 500 Server: nginx Content-Type: application/problem+json Content-Length: 109 Boulder-Request-Id: c77q1COmALMLIgG9WxjOUsXmj0UN9dt4oUWEe-S_Su0 Replay-Nonce: x5MSSJadipC0jW_qyG7XN8wGBjeNn3eF5bbTe2ciwYM Expires: Wed, 09 Aug 2017 05:23:01 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Wed, 09 Aug 2017 05:23:01 GMT Connection: close { "type": "urn:acme:error:serverInternal", "detail": "Error creating new registration", "status": 500 } Storing nonce: x5MSSJadipC0jW_qyG7XN8wGBjeNn3eF5bbTe2ciwYM Exiting abnormally: Traceback (most recent call last): File "/root/.local/share/letsencrypt/bin/letsencrypt", line 11, in sys.exit(main()) File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/certbot/main.py", line 753, in main return config.func(config, plugins) File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/certbot/main.py", line 598, in run le_client = _init_le_client(config, authenticator, installer) File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/certbot/main.py", line 390, in _init_le_client acc, acme = _determine_account(config) File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/certbot/main.py", line 375, in _determine_account config, account_storage, tos_cb=_tos_cb) File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/certbot/client.py", line 165, in register regr = perform_registration(acme, config) File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/certbot/client.py", line 195, in perform_registration return acme.register(messages.NewRegistration.from_data(email=config.email)) File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/acme/client.py", line 97, in register response = self.net.post(self.directory[new_reg], new_reg) File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/acme/client.py", line 682, in post return self._post_once(*args, **kwargs) File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/acme/client.py", line 695, in _post_once return self._check_response(response, content_type=content_type) File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/acme/client.py", line 582, in _check_response raise messages.Error.from_json(jobj) Error: urn:acme:error:serverInternal :: The server experienced an internal error :: Error creating new registration An unexpected error occurred: The server experienced an internal error :: Error creating new registration Please see the logfiles in /var/log/letsencrypt for more details. and installs half of Python bullshit onto machine! This is no way, compare to acme_client on OpenBSD. 3) https://kristaps.bsd.lv/acme-client/ yum install openssl-devel libbsd-devel gnutls-devel wget https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.6.0.tar.gz #build libreesl to /usr/local/ make make install # follow https://spin.atomicobject.com/2016/09/20/openbsd-acme-client-lets-encrypt/ cat >/etc/ld.so.conf.d/local.conf < Options None AllowOverride None Order Deny,Allow Allow from All Header add Content-Type text/plain for every domain we want a certificate for (in the non-SSL-version of the virtual host configuration): Alias /.well-known/acme-challenge/ /var/www/acme/ RewriteEngine On RewriteCond %{HTTPS} !=on RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/ RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] links ----- https://www.metachris.com/2015/12/comparison-of-10-acme-lets-encrypt-clients/ https://medium.com/chris-opperwall/using-acme-client-for-letsencrypt-on-freebsd-db0ee643ef1f