I'm setting up a domain with AWS Lightsail but I cat gete it to work on HTTPS. I followed the instructions here: https://docs.bitnami.com/aws/how-to/generate-install-lets-encrypt-ssl/ Also tried this: https://cloudconfusing.com/2018/05/13/moving-a-lightsail-instance-to-https-with-lets-encrypt-certbot/
bitnami@ip-172-26-9-58:/opt/bitnami/letsencrypt$ sudo /opt/bitnami/ctlscript.sh restart apache
Unmonitored apache
Syntax OK
/opt/bitnami/apache2/scripts/ctl.sh : httpd stopped
Syntax OK
/opt/bitnami/apache2/scripts/ctl.sh : httpd started at port 80
Monitored apache
bitnami@ip-172-26-9-58:/opt/bitnami/letsencrypt$ ls -la /opt/bitnami/apache2/conf/
total 312
drwxr-xr-x 5 bitnami root 4096 Dec 10 12:19 .
drwxr-xr-x 14 root root 4096 Aug 15 10:43 ..
drwxr-xr-x 2 bitnami root 4096 Dec 7 15:39 bitnami
-rw-r--r-- 1 bitnami root 289 Aug 15 10:43 deflate.conf
drwxr-xr-x 2 bitnami root 4096 Aug 15 10:40 extra
-rw-r--r-- 1 bitnami root 20149 Aug 15 10:46 httpd.conf
-rw-r--r-- 1 bitnami root 13077 Jul 30 15:17 magic
-rw-r--r-- 1 bitnami root 60847 Jul 30 15:17 mime.types
-rw-r--r-- 1 bitnami root 7413 Aug 2 2012 modsecurity.conf
drwxr-xr-x 3 bitnami root 4096 Aug 15 10:40 original
-rw-r--r-- 1 bitnami root 17447 Aug 15 10:43 pagespeed.conf
-rw-r--r-- 1 bitnami root 141034 Aug 15 10:40 pagespeed_libraries.conf
-rw-r--r-- 1 bitnami root 199 Aug 15 10:41 php-fpm-apache.conf
-rw-r--r-- 1 bitnami root 1834 Dec 7 15:39 privkey.pem
lrwxrwxrwx 1 root root 59 Dec 10 12:19 server.crt -> /etc/letsencrypt/live/previdencia-digital.com/fullchain.pem
-rw------- 1 root root 1164 Dec 7 15:39 server.crt.old
-rw------- 1 root root 985 Dec 7 15:39 server.csr.old
lrwxrwxrwx 1 root root 57 Dec 10 12:19 server.key -> /etc/letsencrypt/live/previdencia-digital.com/privkey.pem
-rw------- 1 root root 1679 Dec 7 15:39 server.key.old
-rw-r--r-- 1 bitnami root 203 Aug 15 10:42 ssi.conf
I also tried creating the certificate inside Lightsail console, by going on Load balancer -> Create a certificate -> filling the data -> Create But simply nothing happens. No error message or anything.
I thought port 443 was blocked in the firewall, but it is open just like port 80 in the instance networking settings. Any ideas on what else I could try?
i did it successfully with my lightsail application and it is working fine.i did the following steps.
Request a new certificate for your domain ( replace your email and domain ):sudo lego --tls --email="EMAIL-ADDRESS" --domains="DOMAIN" --domains="www.DOMAIN" --path="/etc/lego" run [ You can use more than one domain (for example, DOMAIN and
www.DOMAIN) by specifying the --domains option as many times as the number of domains you want to specify ]
Bitnami has already a default key and crt file please rename those:
mv/opt/bitnami/apache2/conf/server.crt/opt/bitnami/apache2/conf/server.crt.old
mv/opt/bitnami/apache2/conf/server.key/opt/bitnami/apache2/conf/server.key.old
mv/opt/bitnami/apache2/conf/server.csr/opt/bitnami/apache2/conf/server.csr.old
Create a symbolic link: Replace DOMAIN with your domain ln -s /etc/lego/certificates/DOMAIN.key /opt/bitnami/apache2/conf/server.key ln -s /etc/lego/certificates/DOMAIN.crt /opt/bitnami/apache2/conf/server.crt
Change permissions chown root:root /opt/bitnami/apache2/conf/server* chmod 600 /opt/bitnami/apache2/conf/server*
restart your service: /opt/bitnami/ctlscript.sh start
I believe you need to adjust the permissions on the key and the cert. Try this:
sudo chmod 600 /opt/bitnami/apache2/conf/server*
Notice how the permissions on your new key/crt don't match those on your old ones.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.