DEV Community

Cover image for How to install an SSL certificate on a Bitnami stack hosted on Amazon Lightsail?
Eric O Okiti
Eric O Okiti

Posted on

How to install an SSL certificate on a Bitnami stack hosted on Amazon Lightsail?

In this note, I'll be writing about how to install an SSL certificate on a Bitnami stack hosted on Amazon Lightsail. For the purpose of this tutorial, we'll be using WordPress installation on AWS Lightsail.
After days of figuring out the installation, I finally got a short and quick way of doing it. Let us get started.

Setting up Wordpress on AWS Lightsail

  1. Log in to your AWS console.
  2. In the search box inside the header, search for Lightsail. Click on it to go to the Lightsail console.
  3. Once you're inside the Lightsail console, Click on create instance button.
  4. In the create instance screen, you can choose your preferred instance location. Under the instance image, for the platform, choose Linux/Unix and App+OS (WordPress) for Select a blueprint. Scroll down to select your instance plan and pick a plan that supports your budget.
  5. Under identify your instance, give the instance a unique and descriptive name.
  6. Click on "create instance". You'll wait a while for AWS to perform its magic. Once the instance is created, we can install the SSL certificate.

Linking your domain to your Lightsail instance

After the setup is complete, the next step is to create a static IP address, assign it to your new instance, and link it to a domain. The domain can either be on AWS or on any other domain registry. The following steps will guide you through the process.

  1. In your Lightsail console, click on the networking tab
  2. Click on create static IP.
  3. Choose the instance you want to add the static IP to. Then give it a unique name to identify it.
  4. Click on create and it will generate a new static IP and attach it to your instance.
  5. Add the static IP to your DNS server.

Lightsail static IP

Installing SSL certificate

We'll need to ssh into the instance to add the SSL certificate. We will be using the Lightsail web terminal for this. To begin, click on the terminal icon on the instance card.

Lightsail instance

If it launches successfully, you'll see a screen like the one below.

Lightsail terminal

If you've reached this point, the next thing we'll do is to run the command sudo /opt/bitnami/bncert-tool.
You'll get a prompt that an update for the tool is available. Enter Y (Yes) to update the tool. It is best to use the most recent version of the tool.

The tool will exit and run the update. After the update has run successfully, run the command sudo /opt/bitnami/bncert-tool again. This time, you will get a prompt to enter the domain names separated by space. you then enter your domain name, i.e.
NOTE: make sure to add only domain names that have been added to your DNS server to avoid an error.

Lightsail terminal

After entering the domain names, hit enter and allow the tool to work. After a few seconds, another prompt will appear to enable redirection from HTTP to HTTPS, enter Y and continue. If you added a www domain to your list in the previous step, you would also get a prompt to redirect www or t non-www domain.

Lightsail terminal

Yet another prompt will appear a few seconds after you hit enter from the previous step. This time it will list about 7 changes it wants to perform on your Binami instance. Enter Y and hit enter.

Lets encrypt lightsail

You'll get another one to accept the LetsEncrypt subscriber's agreement, Enter Y and click on continue.

After this, you should get a success message with the directories where the certs are. click on continue and close the terminal. You can visit your site now.

Lightsail terminal

Extra: to get your Wordpress admin password use the command
`cat $HOME/bitnami_application_password

Please Like, Share, and Subscribe.

Top comments (0)