How to install Let’s Encrypt on AWS (EC2) ?

Transcript

1. @Amimoto_Ami amimoto-ami.com AMIMOTO (HHVM) + SSLʢLet's Encryptʣ

2. WHAT IS AN SSL CERTIFICATE

3. Length of time the 
 certificate is good Company Details

   of the authority 
 who issued the Company Information a security SSL certificates contains

4. How to know if a website uses SSL/TLS

5. BENEFITS OF HAVING AN SSL CERTIFICATE

6. HTTP/2 SEO TRUST

7. CONSEQUENCE S OF NOT HAVING AN CERTIFICATE

8. HOW TO GET
 A CERTIFICATE

9. Multi-domain / Wildcard Basic - per domain Paid SSL certificates

10. It’s free, automated, and open.

11. HOW TO INSTALL
 LET’S ENCRYPT

12. Login to your AWS Console

13. Create hosted zone for your domain - Route 53

14. Create hosted zone for your domain - Route 53

15. Create hosted zone for your domain - Route 53

16. Launch an AMIMOTO AMI - EC2

17. Launch an AMIMOTO AMI - EC2

18. Launch an AMIMOTO AMI - EC2

19. Launch an AMIMOTO AMI - EC2

20. Launch an AMIMOTO AMI - EC2

21. Launch an AMIMOTO AMI - EC2

22. Launch an AMIMOTO AMI - EC2

23. Launch an AMIMOTO AMI - EC2

24. Launch an AMIMOTO AMI - EC2

25. Launch an AMIMOTO AMI - EC2

26. Launch an AMIMOTO AMI - EC2

27. Launch an AMIMOTO AMI - EC2

28. Launch an AMIMOTO AMI - EC2

29. Assign an Elastic IP to your instance

30. Assign an Elastic IP to your instance

31. Assign an Elastic IP to your instance

32. Assign an Elastic IP to your instance

33. Login to your instance

34. Install WordPress 1. Log into the root of your server

    using SSH:
 
 $ ssh -i /Users/macpil/Desktop/example.pem ec2-user@instance_ip or domain
 2. Update all packges:
 
 $ sudo yum update
 3. Install WordPress:
 
 $ sudo /usr/local/bin/wp-setup example.com

35. Install pip and Let’s encrypt 1. Install Python:
 
 $

    sudo yum install python27-pip python27-virtualenv augeas-libs dialog gcc libffi-devel openssl-devel system-rpm-config
 2. Install Let’s encrypt:
 
 $ sudo virtualenv /opt/letsencrypt/
 $ sudo /opt/letsencrypt/bin/pip install letsencrypt
 3. Create a certificate
 
 $ sudo /opt/letsencrypt/bin/letsencrypt certonly -t -d example.com - a webroot --webroot-path=/var/www/vhosts/example.com/ --rsa-key-size 2048 --server https://acme-v01.api.letsencrypt.org/directory
 4. Enter email address used for urgent notices and lost key recovery

36. Install pip and Let’s encrypt 1. Change nginx settings for:


    
 $ sudo cp /etc/nginx/conf.d/default-ssl.conf /etc/nginx/conf.d/ example.com-ssl.conf
 
 2. Edit gomp.pl-ssl.conf:
 
 $ sudo vi /etc/nginx/conf.d/example.com-ssl.conf


37. gomp.pl-ssl.conf server { listen 443 ssl http2; server_name example.com; root

    /var/www/vhosts/example.com; index index.html index.htm; charset utf-8; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AESGCM:HIGH:!aNULL:!MD5; ssl_session_cache shared:SSL:10m; ssl_session_timeout 5m; ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; access_log /var/log/nginx/example.com.access.log main; error_log /var/log/nginx/example.com.error.log;

38. Install pip and Let’s encrypt 3. Change nginx settings for:


    
 $ sudo cp /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/ example.conf
 
 4. Edit gomp.pl.conf:
 
 $ sudo vi /etc/nginx/conf.d/example.com.conf


39. gomp.pl.conf server { listen 80; server_name example.com; root /var/www/vhosts/example.com; index

    index.html index.htm; charset utf-8; access_log /var/log/nginx/example.com.access.log main; error_log /var/log/nginx/example.com.error.log;

40. Install pip and Let’s encrypt 5. Restart nginx:
 
 $

    sudo service nginx restart

41. SETUP YOUR WORDPRESS

42. Copy your instance ID and configure your WordPress

43. http://amimoto-ami.com/slack/ Questions:

44. @Amimoto_Ami amimoto-ami.com THANK YOU! AMIMOTO (HHVM) + SSLʢLet's Encryptʣ