Updated: Nov 28, 2019
Looking for help setting up SSL (HTTPS) on an EC2 server for Wordpress Bitnami? I recently got this request from a client and found that it was a common issue, but extremely quick and simple to solve. Here are the step by step instructions for doing so:
0. These instructions assume that you already have a Wordpress blog up and running on a single EC2 instance running Bitnami Wordpress which is accessible by your registered domain name. e.g. www.platorsolutions.com
For this guide, we will be utilizing a free SSL certificate provided by Let's Encrypt.
1. Access your AWS dashboard and navigate to the EC2 section as shown here:
Make sure that you select the correct availability zone in the upper right hand corner. In our example here it is US West (N. California) but yours is likely to be different.
2. Click on instances on the left side bar and find your AWS instance's DNS.
3. Use this public DNS to SSH into your instance. If you're not sure how to do this you can use this easy to follow guide: https://medium.com/@GalarnykMichael/aws-ec2-part-2-ssh-into-ec2-instance-c7879d47b6b2
If your instance is using Bitnami Ubuntu then your username to ssh in will be "ubuntu" e.g.
ssh -i ~/.ssh.key.pem email@example.com
4. Once you have SSH'd into your instance and have the command prompt in front of you, you can run the following commands:
wget -O bncert-linux-x64.run https://downloads.bitnami.com/files/bncert/latest/bncert-linux-x64.run
sudo chmod +x bncert-linux-x64.run
5. Once this is done, we have the Bitnami certificate tool downloaded and installed and we can now run it:
6. You will now be given prompts asking some questions
If you are given a warning here about the DNS entry being unable to resolve to this current IP then check your DNS configuration to ensure that it is configured for both www and non-www access to your website.
7. You will now be asked if you would like to redirect www to non-www and also asked if you would like to redirect non-www to www. For best practice, unless you have a reason not to, I would recommend that you enter "Y" for redirecting non-www to www and "n" for redirecting www to non-www.
8. The tool should then run for a few minutes and then show you that it has successfully installed the certificate. It will let you know that it has also set up a job to automatically renew the certificate for you which is very convenient. You can verify that your site is now secured with the new SSL certificate by visiting your website and checking for the lock by the URL bar.
If you have any issues while running through this guide, feel free to leave a comment.