SSL installation in goautodial version 4

1. yum install certbot -y

2. sudo certbot --apache -d dialer.company.com

3. Sample Output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for dialer.company.com
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/httpd/conf.d/company-le-ssl.conf
Deploying Certificate to VirtualHost /etc/httpd/conf.d/company-le-ssl.conf

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2 (ni-press ko 2)
Redirecting vhost in /etc/httpd/conf.d/company.conf to ssl vhost in /etc/httpd/conf.d/company-le-ssl.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://dialer.company.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=dialer.company.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/dialer.company.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/dialer.company.com/privkey.pem
   Your cert will expire on 2020-01-14. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew" 
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le
4. Set Permissions:

chmod 755 /etc/letsencrypt/archive/
chmod 755 /etc/letsencrypt/live
chmod 644 /etc/letsencrypt/live/dialer.company.com/privkey.pem
5. Edit /etc/kamailio/tls.cfg

Set the following:
private_key = /etc/letsencrypt/live/dialer.company.com/privkey.pem
certificate = /etc/letsencrypt/live/dialer.company.com/cert.pem 
6. systemctl httpd restart
5. systemctl kamailio restart

7. Let’s Encrypt recommends the automatic renew cronjob to run twice a day, to do that add the following line and then save and exit the crontab:

#automatic renew cronjob to run twice a day
* */12 * * * /usr/bin/certbot renew >/dev/null 2>&1