Securing your website is essential in today's digital world. Using Let's Encrypt with Apache on Amazon EC2 instances provides a free and reliable way to enable HTTPS, ensuring data encryption and trustworthiness for your visitors. This guide walks you through the process step-by-step.

Prerequisites

  • An Amazon EC2 instance running a Linux distribution (such as Ubuntu or Amazon Linux).
  • Root or sudo access to the EC2 instance.
  • Apache web server installed and running.
  • Domain name pointing to your EC2 instance's public IP address.
  • Basic knowledge of terminal commands and SSH.

Installing Certbot

Certbot is the recommended client for obtaining and renewing Let's Encrypt certificates. Install Certbot on your EC2 instance by following these steps:

For Ubuntu:

Update your package list:

sudo apt update

Install Certbot and the Apache plugin:

sudo apt install certbot python3-certbot-apache

For Amazon Linux:

Enable EPEL repository:

sudo amazon-linux-extras install epel

Install Certbot:

sudo yum install certbot python3-certbot-apache

Obtaining an SSL Certificate

Once Certbot is installed, you can request a free SSL certificate for your domain:

Run Certbot with the Apache plugin:

sudo certbot --apache -d yourdomain.com -d www.yourdomain.com

Follow the prompts to agree to the terms of service and provide your email address for renewal notifications. Certbot will automatically configure your Apache server to use the new certificate.

Verifying the SSL Installation

After installation, verify that your website is accessible via HTTPS. Visit https://yourdomain.com in your browser. You should see a padlock icon indicating a secure connection.

You can also run the following command to test the SSL configuration:

sudo certbot renew --dry-run

Automating Certificate Renewal

Let's Encrypt certificates are valid for 90 days. Certbot sets up a cron job or system timer to automatically renew certificates before expiry. To check renewal status, run:

sudo certbot renew --dry-run

If you encounter issues, verify your cron jobs or system timers to ensure automatic renewal is enabled.

Conclusion

Using Let's Encrypt with Apache on Amazon EC2 is a straightforward way to secure your website with HTTPS. Regularly renew your certificates and keep your server updated for optimal security. This setup not only protects your visitors but also improves your site's credibility and SEO ranking.