Recommendation of free SSL certificate Let's Encrypt Part2

This is the Tatsuno Information Systems Tokyo Team💻! In our last article, we wrote a sequel article about SSL called "Recommendations for SSL Vulnerability Assessment". In that article, I introduced a free tool to check the safety of SSL encryption. This time, I'd like to write another article about SSL.

We believe that Amazon Linux users have been advised to migrate to Amazon Linux2 with the end of Amazon Linux updates.
Previously, in "Free SSL Certificate Let's Encrypt Recommendation", I wrote how to install Let's Encrypt. However, that method doesn't support Amazon Linux2 at the moment, and I think it took a lot of time to rewrite certbot manually to make it work.

If you use the method introduced here, you can use the certbot command without bothering to rewrite it, and it won't interfere with the operation of Let's Encrypt! Please try it with reference to this article.


  • 1. What is Amazon Linux?
  • 2. About Amazon Linux 2 Features
  • 3. Install certbot for Amazon Linux 2
  • 4. Summary

What is Amazon Linux?


Amazon Linux is a Linux server operating system provided by Amazon Web Services (AWS), which currently provides Amazon Linux AMI and its next-generation version, Amazon Linux 2.

Amazon Linux 2

Amazon Linux 2 is the next generation version of Amazon Linux, the Linux server operating system from Amazon Web Services (AWS). The service enables you to develop and run cloud and enterprise applications in a stable, secure, and high-performance runtime environment.

With Amazon Linux 2 application environments, you get long-term support and access to the latest innovations in the Linux ecosystem.

It is also available as a virtual machine image for on-premise development and testing, which is useful for developing, testing, and assuring the operation of applications directly in the local development environment.

About Amazon Linux 2 Features

It comes with a number of AWS tools (e.g. AWS CLI) and cloud-init. These tools are designed to simplify the scripting of common administrative tasks that you create from within your instance and allow you to configure your instance remotely.

Amazon Linux 2 is suitable for a wide range of virtual and containerized workloads in production environments, including databases, data analytics, business applications, web applications, and desktop applications.

▼ Here are the benefits of Amazon Linux 2!
Optimized performance
Predictability with long-term support
Improve developer productivity
Rapidly growing partner ecosystem

Install certbot for Amazon Linux 2

Here we are using Amazon Linux2. In addition, for convenience when running yum, the work is carried out with root privileges.

Enable the EPEL repository on Amazon Linux 2
amazon-linux-extras install -y epel
Install certbot
yum install certbot
Obtain a certificate
certbot certonly --webroot -w /var/www/html -d [domain/URL where you want to apply SSL] --email [email address] -n --agree-tos

If there are no problems, the above command will complete the process of issuing the certificate. The location of the files has not changed; please refer to "Free SSL Certificate Let's Encrypt Recommendation".

You can automate the renewal process without any problem. Just register it in cron as follows.
(Amazon Linux is written a little differently, so you can't just copy what you had before.)

00 4 * * 0 /bin/certbot renew --post-hook "/usr/bin/systemctl reload httpd"
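
To confirm that the weekly cron entry above is really renewing the certificate, a check like the following can be run from monitoring. It is an added example, not part of the original article; the function names, the script name, the 20-day threshold and the use of GNU date are assumptions.

```bash
#!/bin/bash
# Added example (not from the article): detect a renewal cron job that has
# silently stopped working by checking how long the certificate has left.
# certbot renews once fewer than 30 days remain and the cron entry runs
# weekly, so a healthy certificate should never drop much below 23 days.
# The 20-day default threshold is an assumption; tune it to your schedule.

# Seconds until expiry. $1 is a line as printed by `openssl x509 -enddate`
# (e.g. "notAfter=Jan 31 00:00:00 2030 GMT"), $2 is "now" in epoch seconds.
seconds_left() {
    local when="${1#notAfter=}" end_epoch
    [ -n "$when" ] || return 2          # empty input would parse as "today"
    end_epoch=$(date -u -d "$when" +%s 2>/dev/null) || return 2   # GNU date
    echo $(( end_epoch - $2 ))
}

# Prints OK, RENEWAL_FAILING, EXPIRED or UNKNOWN; returns non-zero unless OK.
renewal_status() {
    local threshold_days="${3:-20}" left
    left=$(seconds_left "$1" "$2") || { echo UNKNOWN; return 2; }
    if [ "$left" -le 0 ]; then
        echo EXPIRED; return 1
    elif [ "$left" -lt $(( threshold_days * 86400 )) ]; then
        echo RENEWAL_FAILING; return 1
    fi
    echo OK
}

# Check a certificate file on disk against the current time.
check_cert_file() {
    local line
    line=$(openssl x509 -in "$1" -noout -enddate 2>/dev/null) \
        || { echo UNKNOWN; return 2; }
    renewal_status "$line" "$(date +%s)" "${2:-20}"
}

# Usage (hypothetical script name): ./check_renewal.sh /path/to/cert.pem [days]
if [ $# -gt 0 ]; then
    check_cert_file "$@"
fi
```

Pass it the certificate file issued by certbot; a RENEWAL_FAILING result means the cron job or the post-hook needs attention before the certificate expires.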

 

Summary

I showed you how to use certbot to get a Let's Encrypt SSL certificate on Amazon Linux2.
