How to add a wildcard domain in Let’s Encrypt SSL in AWS Lightsail?
To add a wildcard domain in Let’s Encrypt SSL in AWS Lightsail, you can follow these steps:
- Connect to your AWS Lightsail instance:
- Open the AWS Management Console and navigate to the Lightsail dashboard.
- Select your Lightsail instance that you want to configure with a wildcard SSL certificate.
- Click on the “Connect using SSH” button to connect to your instance.
- Install Certbot:
- Once you’re connected to your Lightsail instance via SSH, update the package lists by running the following command:
sudo apt update - Next, install Certbot, which is a command-line tool for obtaining and managing SSL certificates from Let’s Encrypt:
sudo apt install certbot
- Once you’re connected to your Lightsail instance via SSH, update the package lists by running the following command:
- Obtain the wildcard SSL certificate:
- Run the following command to obtain the wildcard SSL certificate using Certbot:
sudo certbot certonly --manual --preferred-challenges=dns -d *.yourdomain.comReplaceyourdomain.comwith your actual domain name.
- Run the following command to obtain the wildcard SSL certificate using Certbot:
- DNS validation:
- Certbot will provide you with instructions for DNS validation. Follow the instructions carefully as they may vary depending on your DNS provider.
- You’ll typically need to create a DNS TXT record with a specific value to prove domain ownership. This process may take some time as DNS records need to propagate.
- Configure SSL in Lightsail:
- Once you have successfully obtained the wildcard SSL certificate, go to the Lightsail console.
- Select your instance and click on the “Networking” tab.
- In the “TLS/SSL certificate” section, click on the “Create or upload a certificate” button.
- Choose the “Import a certificate” option and copy the contents of the certificate and private key files that Certbot generated.
- Paste the certificate chain into the “Certificate chain” field and the private key into the “Private key” field.
- Click on the “Save” button to apply the SSL certificate to your Lightsail instance.
- Update your server configuration:
- Depending on your web server (e.g., Apache or Nginx), you’ll need to update the server configuration to use the SSL certificate.
- For Apache, you can use the following command to enable the SSL module:
sudo a2enmod ssl - Then, update your Apache virtual host configuration to include the SSL certificate and configure the appropriate SSL directives.
- For Nginx, update the server block configuration to include the SSL certificate and configure the necessary SSL directives.
- Restart your web server:
- After updating the server configuration, restart your web server to apply the changes:
sudo service apache2 restartorsudo service nginx restart
- After updating the server configuration, restart your web server to apply the changes:
Once the server restarts, your wildcard SSL certificate should be successfully installed and configured for your AWS Lightsail instance. Visitors to your website will now be able to access it securely using the wildcard domain.
