How to add a SSL Certificate to an AWS Lightsail Bitnami WordPress Site

Now you’ve created your new Bitnami WordPress site using AWS Lightsail the first thing you will see when viewing it in Google Chrome is a ‘Not secure’ warning message next to the URL – a sure-fire way of scaring your visitors away!

Here’s a step-by-step guide to fixing the problem:

Step 1 – Purchase a SSL Certificate

AWS offer free certificates but you need to use their CloudFront Content Delivery Network and a pricey Elastic Load Balancer.  It’s also quite complicated to set up. If your site is new and hasn’t much traffic then the only option is to buy a certificate from a Certificate Authority.  Try GoDaddy.com or 1&1.co.uk.



Step 2 – Once you have purchased a certificate, your provider will need a CSR (Certificate Signing Request) before you can download the certificate. This is to link the certificate to your domain name and server.

To do this, you need to SSH into your AWS instance using the ‘Connect using SSH’ button in the instance console in Lightsail.

A window will open and you should see the Bitnami terminal or Command Line Interface (CLI) with the cursor next to a bitnami@ip-xxx-xx-x-xxx:~ $ prompt.

How to add a SSL Certificate to an AWS Lightsail Bitnami WordPress Site
Click the ‘Connect using SSH’ button

Step 3 – Create a CSR and follow the instructions on your certificate supplier’s website on copying and pasting it into your certificate application form – see How to Create a CSR.

Step 4 – You will now need to verify your site by either uploading a file or adding a TXT record to your DNS settings.  Again, your certificate supplier will have instructions on what to do.

Step 5 – When the site’s verified,  follow the instructions to download the certificate from the certificate supplier’s website to your computer.

Step 6 – Install the certificate and bundle to the server

Step 7 – Change the conf file

Step 8 – Restart apache

Step 9 – Check everything is working – close the browser and type the url using https:

Step 10 – Do a mod rewrite to redirect http traffic to https

Leave a Reply