In this tutorial I am going to show you how to add SSL certificate into EC2 instance for free of cost.
If you are collecting any sensitive information on your website , then you need to be secure. One of the best ways to do that is to enable HTTPS, also known as SSL (secure socket layers), so that any information going to and from your server is automatically encrypted. This prevents hackers from sniffing out your visitors’ sensitive information as it passes through the internet. Users feel safe to visit when browser shows secure connection lock .
I assume you are running Apache server in Linux 2 Ami in EC2 instance. You have already setup domain configuration and yourdomain.com triggers your EC2 server. Make sure security group has allow rule for SSH,HTTP and HTTPS request. I recommend installing SSL certificate before installing WordPress or any dynamic pages so you wont have mixed content problem later. In this instruction, we are using Lets Encrypt SSL certificate by Certbolt. Keep your Apache server running we are going to make your web page safer.
First log into SSH console as ec2-user .
Install SSL mode for Apache 2.4 which is required before installing SSL certificate.
Sudo yum install mod24_ssl
Now you have to install virtual host listening to port 80. You have to create small file called vhost.conf where virtual host information along with your domain name are kept. Start nano text editor to create and write information into it. If you face problem creating file then login using root user using Sudo Su command .
sudo nano /etc/httpd/conf.d/vhost.conf
Now nano text editor will start. Add following lines to text editor.
<VirtualHost *:80>
ServerName www.yourdomain.com
DocumentRoot /var/www/html
ServerAdmin [email protected]
<Directory /var/www/html>
AllowOverride All
</Directory>
</VirtualHost>
Save file using ctrl + O and exit text editor usung ctrl+X .
Restart Apache so that virtual host can work
sudo systemctl restart httpd
Now install system dependencies ( python 3) using following command.
sudo yum install python3 augeas-libs0
sudo python3 -m venv /opt/certbot/
sudo /opt/certbot/bin/pip install –upgrade pip
sudo ln -s /opt/certbot/bin/certbot /usr/bin/certbot
Now Certbot has been installed. Let certbot install certificate for you.
sudo certbot –apache –debug
SSL certificate should now be installed in Apache system. Try https://www.yourdomain.com to check.
This certificate is usually Valid for 3 months but you can run same command automatically so you dont have to run command every 90 days. You can use cronjob to schedule the task. Just run following command in ssh console to to do this.
echo “0 0,12 * * * root /opt/certbot/bin/python -c ‘import random; import time; time.sleep(random.random() * 3600)’ && certbot renew -q” | sudo tee -a /etc/crontab > /dev/null
SSL installation is finished. yourdomain.com will be redirected to https://yourdomain.com. if you face any problem please comment , I will try to solve the problem.
