How to Install SSL on AWS EC2 WordPress Site
Solution 1
If you created WordPress on AWS using "Bitnami", you may ssh to your instance and run:
sudo /opt/bitnami/bncert-tool
See bitnami docs for details
Solution 2
If you're looking for easy and free solution, try https://letsencrypt.org/. They have a easy to follow doc for anyone.
TLDR; Head to https://certbot.eff.org/, choose your OS and server type and they will give you 4-5 line installation to install certificate automatically.
Before attempting, make sure your domain name is correctly pointed to your EC2 using Route53 or Elastic IP.
For example, here's all you need to run to automatically get and install SSL on a Ubuntu EC2 running nginx
$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-nginx
Best of luck!
Solution 3
This tutorial provides a simple 3 step guide to setting up your Wordpress on AWS using LetsEncrypt / Certbot:
https://blog.brainycheetah.com/index.php/2018/11/02/wordpress-switching-to-https-ssl-hosted-on-aws/
Step 1: Get SSl certificate Step 2: Configure redirects Step 3: Update firewall
At each stage replace 'example.com' with your own site address.
Install certbot:
$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-apache
Create certificates:
$ sudo certbot --apache -m [email protected] -d example.com -d www.example.com
To configure redirects, first open the wp-config file:
$ sudo vim /var/www/html/example.com/wp-config.php
Insert the following above the "stop editing" comment line:
// HTTPS configuration
define('WP_HOME','https://example.com');
define('WP_SITEURL','https://example.com');
define('FORCE_SSL_ADMIN', true);
And finally, update firewall via the AWS console:
- Login to your AWS control panel for your EC2 / Lightsail instance
- Select the Networking tab Within the Firewall section, just below the table
- Select Add another
- Custom and TCP should be pre-populated within the first two fields by default, leave these as they are
- Within the Port range field enter 443 Select Save
Then just reload your apache config:
sudo service apache2 reload
And you should be good to go.
Solution 4
According to the Tutorial, since you have configured only an EC2 instance, direct approach is to purchase a SSL certificate and install it into apache server. For detailed steps follow the tutorial HOW TO ADD SSL AND HTTPS IN WORDPRESS How to Add SSL and HTTPS in WordPress.
If you plan to use AWS Certificate Manager issued free SSL certificates, then it requires either to configure a Elastic Load Balancer or the CDN CloudFront. This can get complicated if you are new to AWS. If you plan to give it a try with AWS Cloudfront, follow the steps in How To Use Your Own Secure Domain with CloudFront.
Using Cloudfront also provides a boost in performance since it caches your content and reduces the load from your EC2 instance. However one of the challenges you will face is to avoid mixcontent issues. There are WordPress plugins that are capable of resolving mixcontent issues, so do try them out.
Related videos on Youtube
The Grindfather
Updated on June 04, 2022Comments
-
The Grindfather almost 2 years
I've created and launched my WordPress site on AWS using EC2. I followed this tutorial to create the site. Its currently mapped to a domain using Route 53. All development on the site is done online in my instance.
I would now like to install an SSL Certificate on my site. How would I do so?
-
Mark B over 6 yearsIs it using a load balancer? Are you, or do you plan to put a CDN in front of the website, such as CloudFront?
-
The Grindfather over 6 yearsI'm not using a load balancer, and I don't plan to put a CDN in front of the website. It is just a plain EC2 setup.
-
Mark B over 6 yearsThen you should use Let's Encrypt, as detailed in one of the answers below.
-
-
The Grindfather over 6 yearsThanks! I'll give that a try!
-
The Grindfather over 6 yearsWhen I head to CertBot, what settings should I select? Thanks.
-
tintinboss over 6 yearsWhat's your server? Nginx or apache? What's the OS in use?
-
The Grindfather over 6 yearsIt is the default setup from the tutorial, so I believe Apache with Linux.
-
tintinboss over 6 yearsThen select Apache and your linux distro. Google "how to find my linux distro from terminal" if you're not sure which one it is.
-
José Ripoll almost 4 yearsBest solution to this specific problem. Easy and clean. Just to add, i had to reverse my crontab file to default because otherwise it would cause an EOF error.