[Aamazon LightSail]Set up a subdomain and convert to SSL.

Although the application can work with just a static IP setting, setting up a domain allows you to give a name to a site that is difficult to understand and only numerical.
It is like when you call a shop, instead of saying 1-1-1 Shinagawa-ku, Tokyo, you say 00 shop.

SSL encrypts the communication between the browser and the server, so let’s set it up.

LightSail is configured with Bitnami by default, so we will use bncert-tool to configure it.


Adding and setting up subdomains

In this case, you will use an existing domain with Route53 and set up additional subdomains.

Select the relevant domain from the Route53 page.
Click on ‘Create record’ in the bottom right-hand corner.

Enter the name that will be the subdomain in ‘Record name’.
Enter the IP address of the server that defines the subdomain in ‘Value’.
When you have entered the information, click ‘Create record’.

After a short time, this is communicated to the DNS servers and the subdomain can be accessed.

Bitnami’s SSL-enabled

In Lightsail, use Bitnami’s bncert-tool to configure.

Run the tool.

$ sudo /opt/bitnami/bncert-tool

Enter the sub-domain to be SSL-enabled in Domain list[]:.
For example, “.tsukurue.com”.

After entering, press Enter to continue.

Welcome to the Bitnami HTTPS Configuration tool.


Please provide a valid space-separated list of domains for which you wish to 
configure your web server.

Domain list []:

You will be asked if you have multi-domain support, enter n.
After entering n, ‘Press [Enter] to continue:’ is displayed.

Press Enter to continue.

The following domains were not included: www.combination-search.tsukurue.com. Do you want t
o add them? [Y/n]: n

Warning: No www domains (e.g. www.example.com) or non-www domains (e.g. 
www.example.com) have been provided, so the following redirections will be 
disabled: non-www to www, www to non-www.
Press [Enter] to continue: 

You will be asked for an http to https redirect, enter Y.

Enable/disable redirections

Please select the redirections you wish to enable or disable on your Bitnami 

Enable HTTP to HTTPS redirection [Y/n]:

Enter Y when asked if it is OK to reflect the changes.

Changes to perform

The following changes will be performed to your Bitnami installation:

1. Stop web server
2. Configure web server to use a free Let's Encrypt certificate for the domains: 
3. Configure a cron job to automatically renew the certificate each month
4. Configure web server name to: combination-search.tsukurue.com
5. Enable HTTP to HTTPS redirection (example: redirect 
http://combination-search.tsukurue.com to 
6. Start web server once all changes have been performed

Do you agree to these changes? [Y/n]: 

Enter a valid email address to associate with Let’s Encrypt.

Create a free HTTPS certificate with Let's Encrypt

Please provide a valid e-mail address for which to associate your Let's Encrypt 

Domain list: <sub-domain>.tsukurue.com

Server name: <sub-domain>.tsukurue.com

E-mail address []: 

If you agree with Subscriver, enter Y.

The Let's Encrypt Subscriber Agreement can be found at:


Do you agree to the Let's Encrypt Subscriber Agreement? [Y/n]:

When Success is displayed, the SSL conversion is complete.
Enter to exit.


Performing changes to your installation

The Bitnami HTTPS Configuration Tool will perform any necessary actions to your 
Bitnami installation. This may take some time, please be patient.


The Bitnami HTTPS Configuration Tool succeeded in modifying your installation.

The configuration report is shown below.

Backup files:
* /opt/bitnami/apache/conf/httpd.conf.back.202309100101
* /opt/bitnami/apache/conf/bitnami/bitnami.conf.back.202309100101
* /opt/bitnami/apache/conf/bitnami/bitnami-ssl.conf.back.202309100101

Find more details in the log file:


If you find any issues, please check Bitnami Support forums at:


Press [Enter] to continue:

If the site is accessible via https, you are done.


Using DNS A records was a simple way to add subdomains without additional domain charges, just by adding a record.

When you set up Let’s Encrypt SSL with Bitnami, it also automatically sets up cron for you.
This is a great way to get automatic renewals.

$ crontab -l