Chris Mendez in DevOps, For Developers, Wordpress, AWS, EC2, SSL

Install Let's Encrypt SSL on Wordpress Lightsail or EC2 by Bitnami

We are going to use Let's Encrypt Certificate Authority to create and install a free SSL certificate.


Step 1 - Log In

ssh -i /path/to/file.pem bitnami@xx.xxx.xxx.xxx  

Step 2 - Install Git

Update your package manager.

sudo apt-get update  

Install Git.

sudo apt-get install git  

Step 3 - Download and install Certbot

Certbot is the client tool that will allow you to request and install an SSL certificate from Let's Encrypt.

cd /tmp  

Download Certbot.

git clone https://github.com/certbot/certbot  

Install Certbot.

cd certbot && ./certbot-auto  

Step 4 - Request and install an SSL certificate

Generate And Install A Let's Encrypt Certificate using Certbot.

./certbot-auto certonly --webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d SUBDOMAIN.MYDOMAIN.COM

Step 5 - Configure Apache

Link your SSL certificate and certificate key file to the correct locations.

sudo ln -s /etc/letsencrypt/live/SUBDOMAIN.MYDOMAIN.COM/fullchain.pem /opt/bitnami/apache2/conf/server.crt  
sudo ln -s /etc/letsencrypt/live/SUBDOMAIN.MYDOMAIN.COM/privkey.pem /opt/bitnami/apache2/conf/server.key  

Step 6 - Restart Apache

sudo /opt/bitnami/ctlscript.sh restart apache  

Step 7 - Renew your Cert

How To Renew A Let's Encrypt Certificate For Your Domain Using The Certbot Client?

./certbot-auto renew

Access my app from only one domain

To redirect all these domains to your own domain, add the following configuration.

nano /opt/bitnami/apache2/conf/bitnami/bitnami.conf  
<VirtualHost _default_:80>  
RewriteEngine On  
RewriteCond %{HTTP_HOST} !^example.com$  
RewriteCond %{HTTP_HOST} !^(localhost|127.0.0.1)  
RewriteRule ^(.*)$ http://example.com$1 [R=permanent,L]  
...

<VirtualHost _default_:443>  
RewriteEngine On  
RewriteCond %{HTTP_HOST} !^example.com$  
RewriteCond %{HTTP_HOST} !^(localhost|127.0.0.1)  
RewriteRule ^(.*)$ https://example.com$1 [R=permanent,L]  
...

Troubleshooting

Installing Plugins

If at any point you struggle to install plug-ins, try this.

Change ownership.

sudo chown -R bitnami:daemon [installdir]/apps/wordpress/htdocs/wp-content  

Change directory permissions.

sudo chmod -R g+w [installdir]/apps/wordpress/htdocs/wp-content  

Resources