How to install Let’s Encrypt SSL on AWS Bitnami

September 12, 2018/2/1

In the world of website development and app development we are the midst of a transition from conventional hosting to cloud hosting as the new norm.

If you manage a cloud server, or own a cloud server you must be certain that you are setting them up to be secure, lest you set yourself or your clients up for nasty data breaches and site hacks. 

So, how do you ensure a certain level of security on your servers? 

There are many things that can and should be done on your cloud servers, but I’ll focus on one in this post. Setting an SSL Certificate.

What is an SSL Certificate?

In short, an SSL certificate is an authentication method that encrypts the connection between your server and the user’s web browser. And for simplicity, think of it as communicating using a secret code. A code that only the server and the browser can decode using their secret decoder rings. (Yep, I grew up in the 80’s! The era of Cracker Jack toys and Cap’n Crunch wistles) 

So when sending data back and forth from server to web browser, only the server and the browser can make sense of the data that get’s transmitted. You can probably already understand the necessity for such an encryption to take place since today we send credit card information, social security numbers, bank information, and more to web servers in order to make online purchase. 

So I won’t continue emphasize the importance of SSL because you are a smart person and don’t need a lecture from me. Instead, let’s get straight to how it’s done. 

How to install an SSL Certificate on AWS Bitnami server

Today, I’m taking about how to do this on AWS (Amazon Web Services) but this technique can apply to almost any cloud hosting server. If you prefer Digital Ocean hosting, you can reference this article: https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-16-04

Let’s get started! 

The process is actually pretty easy, but I make the assumption in this article that you already know how to ssh into your server. If you don’t know how to SSH into your server you can find great resources on Bitnami’s website: https://docs.bitnami.com/aws/faq/get-started/connect-ssh/

Once you are connected, here’s how it’s done. Make sure to replace **domain.com** with your actual domain!

  1. Install Certbot: https://certbot.eff.org/
  2. Download LetsEncrypt Certificate for your domains: sudo certbot certonly --webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d **domain.com** -d **www.domain.com** --post-hook="/opt/bitnami/ctlscript.sh restart apache"
  3. Edit /opt/bitnami/apache2/conf/bitnami/bitnami.confsudo nano /opt/bitnami/apache2/conf/bitnami/bitnami.conf
    • Edit SSLCertificateFile to point to /etc/letsencrypt/live/**domain.com**/fullchain.pem
    • Edit SSLCertificateKeyFile to point to /etc/letsencrypt/live/**domain.com**/privkey.pem
  4. Restart apache: /opt/bitnami/ctlscript.sh restart apache

And that’s all it takes to get the server running with a free SSL Certificate from Let’s Encrypt

Final Note:

If you haven’t started using cloud hosting for your websites, I would strongly suggest looking into it. If you are a fellow developer and would like to get started with a cloud hosting company, I enjoy using Digital Ocean cloud hosting services and I think this would be a great place to start. Click here to get $10 of free hosting with Digital Ocean on us. 

Credits:

Co-written by Spencer Heywood – You can find more from him on our blog and here: https://www.the-empire.systems

Navigation
Comments (2)
  • visit here / September 20, 2018 /

    Hey there! I just wanted to ask if you ever have any
    problems with hackers? My last blog (wordpress) was hacked and I
    ended up losing several weeks of hard work due to no back up.
    Do you have any methods to protect against hackers?

    • (Author) Eric Salas / September 20, 2018 /

      That’s a great question! Hackers are a constant threat. But WordPress has some great free plugins that can help. I’ll plan a post about how to secure the site from hackers but in short, look into a plugin called WordFence. They have a free version that works well as a firewall and access restriction service for your WordPress site.

Add comment