Lightsailのwordpressを常時SSL化させてみます。手順としては簡単でしたが何点か引っ掛かりました。
まず、wordpressのインスタンスにSSHで接続し、
sudo /opt/bitnami/bncert-toolで Bitnami HTTPS Configuration toolを起動します。ここでなぜか
Please type a directory that contains a Bitnami installation. The default
installation directory for Linux installers is a directory inside /opt.と出て、bitnamiフォルダを入力してもエラーになります。
Problem with run The Bitnami HTTPS Configuration Tool
にあるようにインスタンスの再起動でエラーはなくなりました。困ったときは再起動、ですね。
以下、どんどん設定していきます。
sudo /opt/bitnami/bncert-tool
----------------------------------------------------------------------------
Welcome to the Bitnami HTTPS Configuration tool.
----------------------------------------------------------------------------
Domains
Please provide a valid space-separated list of domains for which you wish to
configure your web server.
Domain list []: harupk.com www.harupk.com
----------------------------------------------------------------------------
Enable/disable redirections
Please select the redirections you wish to enable or disable on your Bitnami
installation.
Enable HTTP to HTTPS redirection [Y/n]: Y
Enable non-www to www redirection [Y/n]: n
Domain list []: harupk.com www.harupk.com
Enable www to non-www redirection [y/N]: y
----------------------------------------------------------------------------
Changes to perform
The following changes will be performed to your Bitnami installation:
1. Stop web server
2. Configure web server to use a free Let's Encrypt certificate for the domains: harupk.com www.harupk.com
3. Configure a cron job to automatically renew the certificate each month
4. Configure web server name to: harupk.com
5. Enable HTTP to HTTPS redirection (example: redirect http://harupk.com to
https://harupk.com)
6. Enable www to non-www redirection (example: redirect www.harupk.com to
harupk.com)
7. Start web server once all changes have been performed
Do you agree to these changes? [Y/n]: Y
----------------------------------------------------------------------------
Create a free HTTPS certificate with Let's Encrypt
Please provide a valid e-mail address for which to associate your Let's Encrypt
certificate.
Domain list: harupk.com www.harupk.com
Server name: harupk.com
E-mail address []: xxx@xxx.com
The Let's Encrypt Subscriber Agreement can be found at:
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
Do you agree to the Let's Encrypt Subscriber Agreement? [Y/n]: Y
----------------------------------------------------------------------------
Performing changes to your installation
The Bitnami HTTPS Configuration Tool will perform any necessary actions to your
Bitnami installation. This may take some time, please be patient.
----------------------------------------------------------------------------
Success
The Bitnami HTTPS Configuration Tool succeeded in modifying your installation.
The configuration report is shown below.
Backup files:
* /opt/bitnami/apache2/conf/httpd.conf.back.202101190743
* /opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf.back.202101190743
* /opt/bitnami/apache2/conf/bitnami/bitnami.conf.back.202101190743
Find more details in the log file:
/tmp/bncert-202101190743.log
If you find any issues, please check Bitnami Support forums at:
https://community.bitnami.com
Press [Enter] to continue:
これでSSL化できました。
ただwordpress上でWordpress AddressとSite Addressがhttpのままになっていました。
wp-config.phpをいじっていきます。
$ nano /opt/bitnami/apps/wordpress/htdocs/wp-config.php
define('WP_SITEURL', 'http://' . $_SERVER['HTTP_HOST'] . '/');
define('WP_HOME', 'http://' . $_SERVER['HTTP_HOST'] . '/');上記のhttpをhttpsに書き換えます。
define('WP_SITEURL', 'https://' . $_SERVER['HTTP_HOST'] . '/');
define('WP_HOME', 'https://' . $_SERVER['HTTP_HOST'] . '/');Apacheを再起動します。
$ sudo /etc/init.d/bitnami restart apacheこれでworpdress上でもhttpsになりました。
昔SSL化って結構てこずるイメージでしたが、簡単にできてしまいました。
参考URL:
Amazon Lightsail でホストされている Bitnami スタックに SSL 証明書をインストールする方法を教えてください。