How to Install SSL Certificates on AWS Lightsail – Ogbeta Online

how to Install free SSL Certificates Lightsail aws

Enabling Hypertext Transfer Protocol Secure (HTTPS) for your WordPress website assures visitors that your website is secure, that is why in this post, I will be guiding, on how to install SSL Certificates on Lightsail Instance.

I recommend you continue to read, to get all the tricks on how to install SSL Certificates on aws Instance.

Enabling Hypertext Transfer Protocol Secure (HTTPS) for your WordPress website assures visitors that your website is secure; that it’s sending and receiving encrypted data.

A non-secure website has an address that starts with http, such as http://example.com, while a secure website has an address that starts with https, such as https://example.com.

Even if your website is primarily informational, it’s still recommended that you enable HTTPS. This is because most web browsers will notify website visitors that your website is not secure if HTTPS is not enabled, and your website will rank lower in search engine results.

This guide shows you how to use the Bitnami HTTPS configuration tool (bncert) to enable HTTPS on your Certified by Bitnami WordPress instance on Amazon Lightsail.

It lets you request certificates only for the domains and subdomains that you specify when making your request. Recently, most aws Instance support (bncert) but if your Instance do not have (bncert tools), you install it manually, using simple commands.

So let us dive into how to install SSL Certificates on AWS Lightsail.

Step 1: Learn about SSL Certificates process

To enable HTTPS for your WordPress website, connect to your Lightsail instance using SSH, and use the bncert tool to request an SSL/TLS certificate from the Let’s Encrypt certificate authority.

When you request the certificate, you specify your website’s primary domain (example.com) and alternate domains (www.example.com, blog.example.com, etc.), if any.

Also Read: 5 great things you can get for free

Let’s Encrypt validates that you own the domains either by asking you to create TXT records in the DNS of your domains, or by verifying that those domains are already directing traffic to the public IP address of the instance from which you make the request.

After your certificate is validated, you can configure your WordPress website to automatically redirect visitors from HTTP to HTTPS (http://example.com redirects to https://example.com) so that visitors are forced to use the encrypted connection.

You can also configure your website to automatically redirect the www subdomain to the apex of your domain (https://www.example.com redirects to https://example.com) or vice versa (https://example.com redirects to https://www.example.com).

These redirections are also configured using the bncert tool. Let’s Encrypt requires that you renew your certificate every 90 days to maintain HTTPS on your website.

The bncert tool automatically renews your certificates for you, so that you can spend more time focusing on your website.

Limitations of the bncert tool

The bncert tool has the following limitations:

  • It’s not preinstalled on all Certified by Bitnami WordPress instances when they’re created. WordPress instances that were created on Lightsail a while back will require that you manually install the bncert tool.
  • It lets you request certificates only for the domains and subdomains that you specify when making your request. This is different than the Certbot tool, which lets you request a certificate for domains and a wildcard certificate for subdomains.
  • However, Certbot does not automatically renew your certificate like the bncert tool. If you use Certbot, you have to manually renew your certificates every 90 days.

Step 2: Complete the Requirements

  • Valid Domain name
  • Create Lightsail or EC2 Instance
  • Create Static IP address and attach it to the Instance
  • Add DNS records to the DNS of your domain provider, that directs traffic for the apex of your domain (example.com) and for its www subdomain (www.example.com) to the public IP address of your WordPress instance in Lightsail.

It is important note that, you need add DNS records to the DNS of all domains that you want to use with your WordPress website. All of those domains should be routing traffic to the public IP address of your WordPress website.

The bncert tool will issue certificates only for domains that are currently directing traffic to the public IP address of your WordPress instance.

Also Read: How Does Brave Protect Users From Google AMP

This means, if your domain is not attached with Static IP address, you can’t install SSL certificates on any Domain.

Step 3: Connect to your instance

Complete the following steps to connect to your instance using the browser-based SSH client in the Lightsail console.

  1. Sign in to the Lightsail console.
  2. On the Lightsail home page, choose the SSH quick connect icon for your WordPress instance.

The browser-based SSH client terminal window opens. You are successfully connected to your instance via SSH if you see the Bitnami logo as shown in the following example.

How to install SSL Certificates on Lightsail

Step 4: Confirm the bncert tool is installed on your instance

Complete the following steps to ensure the Bitnami HTTPS configuration tool (bncert) is installed on your instance. It’s not preinstalled on all Certified by Bitnami WordPress instances when they’re created.

WordPress instances that were created on Lightsail a while back will require that you manually install the bncert tool. This procedure includes the steps to install the tool if it’s is not installed.

#1. Enter the following command to run the bncert tool.

sudo /opt/bitnami/bncert-tool

If you see command not found in the response as shown in the following example, then the bncert tool is not installed on your instance.

Continue to the next step in this procedure to install the bncert tool on your instance.

Note: The bncert tool can only be used on WordPress instances that are Certified by Bitnami. Alternately, you can use the Certbot tool to enable HTTPS on your WordPress instance.

If you see Welcome to the Bitnami HTTPS configuration tool in the response as shown in the following example, then the bncert tool is installed on your instance.

Continue to the Step 5: Enable HTTPS on your WordPress instance section of this guide.

How to Install SSL Certificates on Lightsail

#2. Enter the following command to download the bncert run file to your instance.

wget -O bncert-linux-x64.runhttps://downloads.bitnami.com/files/bncert/latest/bncert-linux-x64.run

#3. Enter the following command to create a directory for the bncert run file on your instance.

sudo mkdir /opt/bitnami/bncert

#4. Enter the following command to move the downloaded bncert run file to the new directory you created.

sudo mv bncert-linux-x64.run /opt/bitnami/bncert/

#5. Enter the following command to make the bncert run a file that can be executed as a program.

sudo chmod +x /opt/bitnami/bncert/bncert-linux-x64.run

#6. Enter the following command to create a symbolic link that runs the bncert tool

sudo ln -s /opt/bitnami/bncert/bncert-linux-x64.run /opt/bitnami/bncert-tool

You are now done installing the bncert tool on your instance. Continue to the Step 5: Enable HTTPS on your WordPress instance section of this guide.

Step 5: Enable HTTPS on AWS Lightsail WordPress instance

Complete the following procedure to enable HTTPs on your WordPress instance after you have confirmed that the bncert tool is installed on your instance.

#1. Enter the following command to run the bncert tool.
sudo /opt/bitnami/bncert-tool

You should see a message similar to the following example.

How to Install SSL Certificates on Lightsail

If the bncert tool has been installed on your instance for a while, then you might see a message indicating that an updated version of the tool is available.

Choose to download it as shown in the following example, and then enter the sudo /opt/bitnami/bncert-tool command to run the bncert tool again.

#2. Enter your primary domain name and alternate domain names separated by a space as shown in the following example.

If your domain is not configured to route traffic to the public IP address of your instance, the bncert tool will ask you to make that configuration before continuing.

Your domain must be routing traffic to the public IP address of the instance from which you are using the bncert tool to enable HTTPS on the instance.

This confirms that you own the domain, and serves as the validation for your certificate.

How to Install SSL Certificates on Lightsail

#3. The bncert tool will ask you how you want your website’s redirection to be configured. These are the options available:

  • Enable HTTP to HTTPS redirection – Specifies whether users who browse to the HTTP version of your website (i.e., http:/example.com) are automatically redirected to the HTTPS version (i.e., https://example.com). We recommend enabling this option because it forces all visitors to use the encrypted connection. Type Y and press Enter to enable it.
  • Enable non-www to www redirection – Specifies whether users who browse to the apex of your domain (i.e., https://example.com) are automatically redirected to your domain’s www subdomain (i.e., https://www.example.com). We recommend enabling this option. However, you may want to disable it and enable the alternate option (enable www to non-www redirection) if you have specified the apex of your domain as your preferred website address in search engine tools like Google’s webmaster tools, or if your apex points directly to your IP and your www subdomain references your apex via a CNAME record. Type Y and press Enter to enable it.
  • Enable www to non-www redirection – Specifies whether users who browse to your domain’s www subdomain (i.e., https://www.example.com) are automatically redirected to the apex of your domain (i.e., https://example.com). We recommend disabling this, if you enabled non-www redirection to www. Type N and press Enter to disable it.

Your selections should look like the following example.

How to Install SSL Certificates

#4. The changes that are going to be made are listed. Type Y and press Enter to confirm and continue.

How to Install SSL Certificates on Lightsail

#5. Enter your email address to associate with your Let’s Encrypt certificate and press Enter.

#6. Review the Let’s Encrypt Subscriber Agreement. Type Y and press Enter to accept the agreement and continue.

The actions are performed to enable HTTPS on your instance, including requesting the certificate and configuring the redirections you specified.

Your certificate is successfully issued and validated, and the redirections are successfully configured on your instance if you see a message similar to the following example.

How to Install SSL Certificates on Lightsail

You are now done enabling HTTPS on your WordPress instance. Continue to the Step 6: Test that your website is using HTTPS section of this guide.

Step 6: Test that your website is using HTTPS

After you enable HTTPS on your WordPress instance, you should confirm that your website is using HTTPS by browsing to all of the domains that you specified when using the bncert tool.

When you visit each domain, you should see that they use a secure connection as shown in the following example.

You might have to refresh, and clear your browser’s cache to see the change.

You might also notice that the non-www address redirects to the www subdomain of your domain, or vice versa depending on the option you selected when running the bncert tool.

If you have been asking, how to install SSL Certificates on AWS Lightsail, this is how to get it done.

Give me your thought on how to install SSL Certificates on aws Lightsail.

If you have any problem on how to install SSL Certificates on aws Lightsail Instance, contact Me.

Subscribe to our Newsletter

Hi, I am Oyakhilome Ogbeta, a Techpreneur. I love doing Web Development & Computer Networking.

Ogbeta Online © 2023 - All rights reserved
Go to top