Setting up Secure Socket Layer for Amazon Lightsail has become my favourite topic. It was not easy to set up initially and it gets even more troublesome when come to renewing it. Now it has become much easier with the The Bitnami HTTPS Configuration Tool.
Check out the link to learn more. There is an even more useful video at the end. The nice thing about the Bitnami HTTPS Configuration Tool is that it not only (1) Creates the SSL certificates needed (2) Set up a cron job to renew it automatically (3) Solve the naked domain issue with Lightsail which means www vs non-www are solved by this tool too. In one stroke, it renders three of my articles all irrelevant 🙂
Technology Advancement… the joy.
First you need to check if The Bitnami HTTPS Configuration Tool is even in your Lightsail. It was NOT in my instances NOR was it in the new instances I have created. To check, first you do these 2 commands
From the above screenshot, you can see that the command file “bncert-tool” is missing from the listing. You then need to “install” the tool by means of these commands:
sudo wget -O bncert-linux-x64.run https://downloads.bitnami.com/files/bncert/latest/bncert-linux-x64.run
sudo mkdir /opt/bitnami/bncert
sudo mv bncert-linux-x64.run /opt/bitnami/bncert/
sudo chmod +x /opt/bitnami/bncert/bncert-linux-x64.run
sudo ln -s /opt/bitnami/bncert/bncert-linux-x64.run /opt/bitnami/bncert-tool
You can then do another “ls” directory listing and see the tool
Run the The Bitnami HTTPS Configuration Tool is installed now with this command
The tool will next ask you for the domain that you want to install the SSL. The tool will also nicely tell you that you only need to supply either the www version or the non-www version 🙂
The next screen is amazing. Tell me how many things this tool do for you. Https redirection. Cron job. www redirection etc.
Provide an email address and it is done….
And that’s it. You now have SSL in your Amazon Lightsail and it will be automatically renewed. Plus you have the redirection for https. And most importantly, the naked domain redirection too.