To install Let’s Encrypt SSL on Amazon Linux 2, you can follow these steps:
- Update your Amazon Linux 2 instance with the latest packages:
sudo yum update -y
- Install the required dependencies:
sudo yum install -y mod_ssl python3 python3-pip
- Install the Certbot client using pip3:
sudo pip3 install certbot
- Allow HTTPS traffic in the firewall:
sudo firewall-cmd --zone=public --permanent --add-service=https
sudo firewall-cmd --reload
- Request a certificate for your domain using Certbot:
sudo certbot certonly --standalone -d your-domain.com
- Certbot will ask you to provide an email address for renewal notices and to agree to the Let’s Encrypt terms of service. After providing the required information, Certbot will generate a new SSL certificate and store it in
/etc/letsencrypt/live/your-domain.com/
. - Once the certificate is generated, you need to configure your web server to use it. Open the Apache configuration file for your domain:
sudo nano /etc/httpd/conf.d/your-domain.com.conf
- Add the following lines to the file, replacing
your-domain.com
with your domain name:
<VirtualHost *:80>
ServerName your-domain.com
Redirect permanent / https://your-domain.com/
</VirtualHost>
<VirtualHost *:443>
ServerName your-domain.com
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/your-domain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/your-domain.com/privkey.pem
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:!aNULL:!MD5
DocumentRoot /var/www/html
</VirtualHost>
- Save and close the file, then restart Apache:
sudo systemctl restart httpd
That’s it! Your website should now be accessible over HTTPS using the Let’s Encrypt SSL certificate.