Home » How to Setup Free SSL Letsencrypt Using AWS Load Balancers

How to Setup Free SSL Letsencrypt Using AWS Load Balancers

  • by

Let’s Encrypt is the latest internet trending. Its a relatively young Certification Authority which intends to provide free and automated SSL certificates so that everybody can set encryption to their sites and applications.

In this tutorial I will show you how How to Setup Free SSL Letsencrypt Using AWS Load Balancers

Scenario

    • domain has been setup in AWS Route 53.
    • Using Load Balancers (multi point)

How to Setup Free SSL Letsencrypt Using AWS Load Balancers 2a

AWS CLI Setup

you can create new permission on Identity and Access Management (IAM) and give permission for route53 like this below
How to Setup Free SSL Letsencrypt Using AWS Load Balancers 1

and then setup your EC2 with credential as you create before, you can using aws-cli but I’m using manually method

vim /root/.aws/config

and put that files with

[default]
aws_access_key_id=YOUR_AWS_SECRET_KEY_ID
aws_secret_access_key=YOUR_AWS_SECRET_KEY

Install Certbot package

and then back to your EC2 and install package

sudo apt-add-repository ppa:certbot/certbot -y
sudo apt-get update -y
sudo apt-get install certbot python3-certbot-dns-route53 -y

Install and Setup domain with Letsencrypt

register your domain to bash

DOMAIN=devninja.net
WILDCARD=*.$DOMAIN

and verify your library

echo $DOMAIN && echo $WILDCARD

and install letsencrypt and this script will sent verification to your route53 records

sudo certbot --dns-route53 --dns-route53-propagation-seconds 30 -d $DOMAIN -d $WILDCARD --manual --preferred-challenges dns certonly

If everything worked, you should now have 4 files in the /etc/letsencrypt/live/mydomain.com folder.

/etc/letsencrypt/live/mydomain.com
|-- cert.pem
|-- chain.pem
|-- fullchain.pem
|-- privkey.pem

Setup the certificate in an ELB

Now that you have your certificate files, you need to upload them to the ELB.

Go to the AWS web console, select the EC2 service and go to Load Balancers. Once there select the load balancer of your choice and go to the Listeners tab.
How to Setup Free SSL Letsencrypt Using AWS Load Balancers 3

Now you have to click on the "Change" link, in the SSL Certificate column of the HTTPS protocol, in order to set the new certificate.

How to Setup Free SSL Letsencrypt Using AWS Load Balancers 4

In this window, select the third option, Upload a new SSL certificate to AWS… and set the name of your choice for it.

Then, in the Private key field you have to place the contents of the cert.pem file, and in the Public key certificate field, the contents of the fullchain.pem file. You can leave the Certificate chain field empty.

Save, and you are done. Your ELB is now serving HTTPS request by using the previously generated Let’s Encrypt certificate.

thats it! if your still have any issue dont forget verify your https already running (try enable with a2ensite default-ssl if you using apache) or you can reply in this post 🙂

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *

eight − six =