Although the application can work with just a static IP setting, setting up a domain allows you to give a name to a site that is difficult to understand and only numerical.
It is like when you call a shop, instead of saying 1-1-1 Shinagawa-ku, Tokyo, you say 00 shop.
SSL encrypts the communication between the browser and the server, so let’s set it up.
LightSail is configured with Bitnami by default, so we will use bncert-tool to configure it.
Adding and setting up subdomains
In this case, you will use an existing domain with Route53 and set up additional subdomains.
Select the relevant domain from the Route53 page.
Click on ‘Create record’ in the bottom right-hand corner.
Enter the name that will be the subdomain in ‘Record name’.
Enter the IP address of the server that defines the subdomain in ‘Value’.
When you have entered the information, click ‘Create record’.
After a short time, this is communicated to the DNS servers and the subdomain can be accessed.
Bitnami’s SSL-enabled
In Lightsail, use Bitnami’s bncert-tool to configure.
Run the tool.
$ sudo /opt/bitnami/bncert-toolEnter the sub-domain to be SSL-enabled in Domain list[]:.
For example, “.tsukurue.com”.
After entering, press Enter to continue.
----------------------------------------------------------------------------
Welcome to the Bitnami HTTPS Configuration tool.
----------------------------------------------------------------------------
Domains
Please provide a valid space-separated list of domains for which you wish to
configure your web server.
Domain list []:You will be asked if you have multi-domain support, enter n.
After entering n, ‘Press [Enter] to continue:’ is displayed.
Press Enter to continue.
The following domains were not included: www.combination-search.tsukurue.com. Do you want t
o add them? [Y/n]: n
Warning: No www domains (e.g. www.example.com) or non-www domains (e.g.
www.example.com) have been provided, so the following redirections will be
disabled: non-www to www, www to non-www.
Press [Enter] to continue: You will be asked for an http to https redirect, enter Y.
----------------------------------------------------------------------------
Enable/disable redirections
Please select the redirections you wish to enable or disable on your Bitnami
installation.
Enable HTTP to HTTPS redirection [Y/n]:Enter Y when asked if it is OK to reflect the changes.
----------------------------------------------------------------------------
Changes to perform
The following changes will be performed to your Bitnami installation:
1. Stop web server
2. Configure web server to use a free Let's Encrypt certificate for the domains:
combination-search.tsukurue.com
3. Configure a cron job to automatically renew the certificate each month
4. Configure web server name to: combination-search.tsukurue.com
5. Enable HTTP to HTTPS redirection (example: redirect
http://combination-search.tsukurue.com to
https://combination-search.tsukurue.com)
6. Start web server once all changes have been performed
Do you agree to these changes? [Y/n]: Enter a valid email address to associate with Let’s Encrypt.
----------------------------------------------------------------------------
Create a free HTTPS certificate with Let's Encrypt
Please provide a valid e-mail address for which to associate your Let's Encrypt
certificate.
Domain list: <sub-domain>.tsukurue.com
Server name: <sub-domain>.tsukurue.com
E-mail address []: If you agree with Subscriver, enter Y.
The Let's Encrypt Subscriber Agreement can be found at:
https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf
Do you agree to the Let's Encrypt Subscriber Agreement? [Y/n]:When Success is displayed, the SSL conversion is complete.
Enter to exit.
----------------------------------------------------------------------------
Performing changes to your installation
The Bitnami HTTPS Configuration Tool will perform any necessary actions to your
Bitnami installation. This may take some time, please be patient.
----------------------------------------------------------------------------
Success
The Bitnami HTTPS Configuration Tool succeeded in modifying your installation.
The configuration report is shown below.
Backup files:
* /opt/bitnami/apache/conf/httpd.conf.back.202309100101
* /opt/bitnami/apache/conf/bitnami/bitnami.conf.back.202309100101
* /opt/bitnami/apache/conf/bitnami/bitnami-ssl.conf.back.202309100101
Find more details in the log file:
/tmp/bncert-202309100101.log
If you find any issues, please check Bitnami Support forums at:
https://github.com/bitnami/vms
Press [Enter] to continue:If the site is accessible via https, you are done.
Summary
Using DNS A records was a simple way to add subdomains without additional domain charges, just by adding a record.
When you set up Let’s Encrypt SSL with Bitnami, it also automatically sets up cron for you.
This is a great way to get automatic renewals.
$ crontab -l
