SSL
Let's Encrypt SSL Certificates
Last updated
Let's Encrypt SSL Certificates
Last updated
Certbot is a free, open-source software tool for automatically using Let’s Encrypt certificates on manually-administrated websites to enable HTTPS.
SSH into your server where the Bitnami application is running.
Install Certbot by following the instructions for your Linux distribution on the Certbot website. Choose your web server and operating system for tailored instructions.
Before renewing the certificate, you might need to stop your web server to free up the port Certbot uses for verification. This is necessary if you're using the standalone plugin. If you use the webroot plugin, this step may not be necessary.
For Apache (replace sudo with the appropriate command if you're not using a sudo-enabled user):
For Nginx:
Run Certbot to renew your certificate. The command you use depends on how you originally obtained your certificate. If you're unsure, you can simply use the certonly option with --standalone, assuming your web server is stopped, or --webroot if it's running.
Replace yourdomain.com with your actual domain name.
After obtaining the new certificate, you need to configure your Bitnami application to use it.
Copy the new certificate and key to the appropriate Bitnami directory. The exact commands will vary based on your domain and where Certbot places the files (usually /etc/letsencrypt/live/yourdomain.com/).
Fix permissions on the new files.
Restart your web server to apply the changes.
For Apache:
For Nginx:
Let's Encrypt certificates are valid for 90 days. You can automate the renewal process by adding a cron job.
Open the crontab for editing.
Add a line to run the renewal command periodically (e.g.,once every 2 months):
Replace "/opt/bitnami/ctlscript.sh restart apache" with the appropriate command to restart your web server.
This setup ensures your SSL certificate is automatically renewed and the web server is restarted to apply the changes.
