How to Install SSL on AWS EC2 WordPress Site

wordpress amazon-web-services ssl amazon-ec2

15,403

Solution 1

If you created WordPress on AWS using "Bitnami", you may ssh to your instance and run:

sudo /opt/bitnami/bncert-tool

See bitnami docs for details

Solution 2

If you're looking for easy and free solution, try https://letsencrypt.org/. They have a easy to follow doc for anyone.

TLDR; Head to https://certbot.eff.org/, choose your OS and server type and they will give you 4-5 line installation to install certificate automatically.

Before attempting, make sure your domain name is correctly pointed to your EC2 using Route53 or Elastic IP.

For example, here's all you need to run to automatically get and install SSL on a Ubuntu EC2 running nginx

$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-nginx

Best of luck!

Solution 3

This tutorial provides a simple 3 step guide to setting up your Wordpress on AWS using LetsEncrypt / Certbot:

https://blog.brainycheetah.com/index.php/2018/11/02/wordpress-switching-to-https-ssl-hosted-on-aws/

Step 1: Get SSl certificate Step 2: Configure redirects Step 3: Update firewall

At each stage replace 'example.com' with your own site address.

Install certbot:

$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-apache

Create certificates:

$ sudo certbot --apache -m [email protected] -d example.com -d www.example.com

To configure redirects, first open the wp-config file:

$ sudo vim /var/www/html/example.com/wp-config.php

Insert the following above the "stop editing" comment line:

// HTTPS configuration
define('WP_HOME','https://example.com');
define('WP_SITEURL','https://example.com');
define('FORCE_SSL_ADMIN', true);

And finally, update firewall via the AWS console:

Login to your AWS control panel for your EC2 / Lightsail instance
Select the Networking tab Within the Firewall section, just below the table
Select Add another
Custom and TCP should be pre-populated within the first two fields by default, leave these as they are
Within the Port range field enter 443 Select Save

Then just reload your apache config:

sudo service apache2 reload

And you should be good to go.

Solution 4

According to the Tutorial, since you have configured only an EC2 instance, direct approach is to purchase a SSL certificate and install it into apache server. For detailed steps follow the tutorial HOW TO ADD SSL AND HTTPS IN WORDPRESS How to Add SSL and HTTPS in WordPress.

If you plan to use AWS Certificate Manager issued free SSL certificates, then it requires either to configure a Elastic Load Balancer or the CDN CloudFront. This can get complicated if you are new to AWS. If you plan to give it a try with AWS Cloudfront, follow the steps in How To Use Your Own Secure Domain with CloudFront.

Using Cloudfront also provides a boost in performance since it caches your content and reduces the load from your EC2 instance. However one of the challenges you will face is to avoid mixcontent issues. There are WordPress plugins that are capable of resolving mixcontent issues, so do try them out.

View more solutions

15,403

The Grindfather

Updated on June 04, 2022

Comments

The Grindfather almost 2 years

I've created and launched my WordPress site on AWS using EC2. I followed this tutorial to create the site. Its currently mapped to a domain using Route 53. All development on the site is done online in my instance.

I would now like to install an SSL Certificate on my site. How would I do so?
- Mark B over 6 years
  
  Is it using a load balancer? Are you, or do you plan to put a CDN in front of the website, such as CloudFront?
- The Grindfather over 6 years
  
  I'm not using a load balancer, and I don't plan to put a CDN in front of the website. It is just a plain EC2 setup.
- Mark B over 6 years
  
  Then you should use Let's Encrypt, as detailed in one of the answers below.
The Grindfather over 6 years

Thanks! I'll give that a try!
The Grindfather over 6 years

When I head to CertBot, what settings should I select? Thanks.
tintinboss over 6 years

What's your server? Nginx or apache? What's the OS in use?
The Grindfather over 6 years

It is the default setup from the tutorial, so I believe Apache with Linux.
tintinboss over 6 years

Then select Apache and your linux distro. Google "how to find my linux distro from terminal" if you're not sure which one it is.
José Ripoll almost 4 years

Best solution to this specific problem. Easy and clean. Just to add, i had to reverse my crontab file to default because otherwise it would cause an EOF error.