Install 3rd party SSL in aws ec2 linux using ssh

To install a third-party SSL certificate on an AWS EC2 Linux instance using SSH, you can follow these steps:

  1. Connect to your EC2 instance using SSH: Open your terminal and run the following command:


ssh -i path/to/your/key.pem ec2-user@your-ec2-instance-public-ip


Replace path/to/your/key.pem with the path to your private key file, and your-ec2-instance-public-ip with the public IP address of your EC2 instance.

  1. Upload the SSL certificate files: Upload the SSL certificate files (certificate, private key, and CA bundle) to your EC2 instance. You can use SCP or SFTP to transfer the files. For example:


scp -i path/to/your/key.pem your-certificate.crt ec2-user@your-ec2-instance-public-ip:/home/ec2-user/
scp -i path/to/your/key.pem your-private-key.key ec2-user@your-ec2-instance-public-ip:/home/ec2-user/
scp -i path/to/your/key.pem your-ca-bundle.crt ec2-user@your-ec2-instance-public-ip:/home/ec2-user/


  1. Move the SSL certificate files to the correct directory: Move the SSL certificate files to the appropriate directory on your EC2 instance. For example, if you're using Apache, move the files to the /etc/httpd/conf/ssl.crt/ and /etc/httpd/conf/ssl.key/ directories:

sudo mkdir -p /etc/httpd/conf/ssl.crt/
sudo mkdir -p /etc/httpd/conf/ssl.key/
sudo mv /home/ec2-user/your-certificate.crt /etc/httpd/conf/ssl.crt/
sudo mv /home/ec2-user/your-private-key.key /etc/httpd/conf/ssl.key/
sudo mv /home/ec2-user/your-ca-bundle.crt /etc/httpd/conf/ssl.crt/



  1. Configure Apache to use SSL: Edit the Apache configuration file to enable SSL. You can use the nano editor or any other editor of your choice. For example:

sudo nano /etc/httpd/conf/httpd.conf



Add the following lines to the file:



LoadModule ssl_module modules/mod_ssl.so

<VirtualHost *:443>
ServerName your-domain-name.com
DocumentRoot /var/www/html/
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/your-certificate.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/your-private-key.key
SSLCertificateChainFile /etc/httpd/conf/ssl.crt/your-ca-bundle.crt
</VirtualHost>



Replace your-domain-name.com with your actual domain name, and your-certificate.crt, your-private-key.key, and your-ca-bundle.crt with the actual filenames of your SSL certificate files.

  1. Test your SSL configuration: To test your SSL configuration, run the following command:

sudo apachectl configtest


If there are no errors, restart Apache by running:


sudo systemctl restart httpd



That's it! Your EC2 instance should now have SSL enabled using a third-party SSL certificate. You can verify this by visiting your website using https:// instead of http://.

-
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

how to call ssh from vs code

 To call SSH from VS Code, you can use the built-in Remote Development extension. This extension allows you to open a remote folder or works...