bchmybb

Auto-configure a Let's Encrypt certificate

Bitnami already includes a small tool that takes care of generating a valid certificate using Let’s Encrypt and configuring the web server to use it. That tool uses lego to run the Let’s Encrypt certificate generation commands. You can find the script inside the /opt/bitnami/letsencrypt/ directory.

Execute the following command to auto-configure a Let’s Encrypt certificate in your stack for a domain, both with and without the www prefix:

$ sudo /opt/bitnami/letsencrypt/scripts/generate-certificate.sh -m YOURMAIL -d YOURDOMAIN -d www.YOURDOMAIN

NOTE: You can use more than one domain by specifying the -d option as many times as domains you want to specify. When supplying multiple domains, Lego creates a SAN (Subject Alternate Names) certificate which results in only one certificate valid for all domains you entered. The first domain in your list will be added as the “CommonName” of the certificate and the rest, will be added as “DNSNames” to the SAN extension within the certificate.


NOTE: Remember that both YOURMAIL and YOURDOMAIN are placeholders. Replace them with your current email and with the new domain name you want to set.

This video shows you how easy it is to generate a valid certificate for your stack using the Bitnami auto-configure Let’s Encrypt tool:

NOTE: If your Bitnami image does not include the Let’s Encrypt auto-configuration script, you will need to manually generate and install the Let’s Encrypt certificates following this alternative approach.

Last modification January 4, 2019