How to install Let’s Encrypt SSL certificates in AWS Lightsail Bitnami WordPress

First get a Free SSL for your WordPress website

After setting up your first Lightsail WordPress application, first, you need to install the OSE Free SSL plugin into your WordPress website. The plugin will request the SSL certificates from Let’s Encrypt (a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).) and deliver the SSL certificates to the provided email address.



PREREQUISITES

  • PHP version 5.3+.
  • cURL and OpenSSL extensions in PHP
  • When using FTP mode, an FTP account with the access to /public_html/.well-known (for cpanel) or /httpdocs/.well-known (for plesk).

INSTALLATION

Install through Plugins Menu
  • Search “OSE Free SSL” in the plugin menu then install and activate it. After that, there will be a new menu OSE Free SSL on the side bar.
Install by Uploading the files through FTP
  • Upload the entire ose-lets-encrypt folder to the /wp-content/plugins/ directory
  • Activate the plugin through the Plugins menu in WordPress backend. After that, there will be a new menu OSE Free SSL on the side bar.

REQUESTING A FREE SSL CERTIFICATE

There are two modes that you can request the free SSL certificate from Let’s Encrypt. They are HTTP and FTP mode respectively.

HTTP Mode

In the HTTP mode, you can directly request the certificate sent to your email. In most cases, if the file permissions are correct, the plugin will create the folder /.well-known/acme-challenge/ automatically and upload the acme challenge tokens to verify the domain ownership.

If there are no file permissions issues, simply enter the email address and click the Save button to save the email into your database, after that, please click the ‘SSL Request’ button to request an SSL from Let’s Encrypt.

If there are no file permissions issues, simply:

  • Enter the email address
  • Save the setting
  • Click the ‘SSL Request’ button to request an SSL from Let’s Encrypt.



FTP Mode

In the cases that the file permissions are incorrect so the plugin cannot write files into the folder /.well-known/acme-challenge/ directly, the ftp form window shows up so you can enter your ftp accounts. Please refer to this tutorial to create the ftp account:

Go back to OSE Free SSL menu in your WordPress website and:

  • Fill in the FTP info created above
  • Save the setting
  • Click the ‘SSL Request’ button to request an SSL from Let’s Encrypt.

RECEIVING YOUR SSL CERTIFICATE

Should the Domain Validation goes successfully, your SSL certificate will be delivered to your email address shortly.

INSTALL THE FREE SSL CERTIFICATES

At this point, you should have received the certificate package after setting up the plugin and requesting SSL. Download the attachment in the email to your PC and extract the package. There are three files in the zip file, here we use aws-test.opensource-excellence.com as example, so we have the following three files:

  • aws-test.opensource-excellence.com.crt
  • aws-test.opensource-excellence.com.key
  • chain.crt

Follow the instructions below to install the certificates into your Bitnami WordPress image.

  • Login your AWS Lightsail account and click the Connect tab
  • Scroll down to the ‘Connect securely using your browser’ section
  • At the bottom of the page, click the link ‘Account page’

On the next page

  • Download the private key

Next install the new certificate:

  • Open Filezilla
  • Config the SSH connection according to the screenshot.
  • Set username as bitnami
  • Choose the downloaded private key as the key file
  • Upload the three certificates files to the /opt/binami/apache2/conf folder



  • Next browse to the /opt/binami/apache2/conf/bitnami folder
  • Download the file bitnami.conf
  • Go to the VirtualHost _default_:443 section
  • Change the SSLCertificateFile path to “/opt/bitnami/apache2/conf/aws-test.opensource-excellence.com.crt” (please change the actual file name you just uploaded)
  • Change the SSLCertificateKeyFilepath to “/opt/bitnami/apache2/conf/aws-test.opensource-excellence.com.key”
  • Add the SSLCertificateChainFile and set its path to “/opt/bitnami/apache2/conf/chain.crt”
  • Save the file and upload it back to the server
  • Reboot WordPress and wait for the server to restart
  • Check your website in https protocol, e.g. https://aws-test.opensource-excellence.com in this case
  • The navigation bar now becomes green
  • You can check the detail of the certificate as well
  • That’s it, enjoy the Free Let’s Encrypt SSL certificates with OSE Free SSL WordPress plugin

SECURE YOUR WEBSITE NOW

Take full advantage of the Free SSL revolution and add an extra layer of security for your website now.

Leave a Reply