How to Configure SSL And AWS Certificate Manager For Bitnami EC2 Instance On AWS(Amazon Web Services)?

Are you running a WordPress on AWS EC2 Instances and are you trying to enable SSL (or) HTTPS to your WordPress Site? then you are at the right blog.

This is for configuring a load balancer with an SSL certificate for a single Bitnami Instance. If you wish to balance load across multiple Instances, additional steps will be required.Right now in order to enable SSL for your EC2 Instance you need to use either ELB or CDN

You can get free SSL Certificate from AWS Certificate Manager.Here you can find how to get free certificate

NOTE : AWS Certificate Manager (ACM) is available now in the US East (Northern Virginia) region, with additional regions in the works. You can provision, deploy, and renew certificates at no charge.

  • Log in to the AWS EC2 console.

  • and from the EC2 Dashboard, select the “Instances -> Instances” menu item.
  • From the instance details pane, note the instance ID, DNS name, public IP address, availability zone and VPC ID. You will need these details in subsequent steps.

Just to confirm click on your Public DNS and see whether your home page is loading or not

Now Create An Elastic Load Balancer With HTTP And HTTPS Support

  • Now Quickly create an Elastic Load Balancer

  • From the EC2 Dashboard, select the “Load Balancing -> Load Balancers” menu item.
  • Now Click on the “Create Load Balancer” button.

“Select Load Balancer”,and select the “Application Load Balancer” option and click “Create”.

  • Now Enter a name for the load balancer and specify the scheme as “Internet facing”.
  • In the “Listeners” section, ensure that there is an HTTP listener on load balancer port 80. Click the “Add listener” button and add a second HTTPS listener on load balancer port 443. This configures the load balancer to handle both HTTP and HTTPS requests from clients.
  • In the “Availability Zones” section, select the same VPC as the one used by your Bitnami application instance and select a subnet from each availability zone.and then Click on the “Next: Configure Security Settings” button to proceed.
  • Now On the “Configure Security Settings” as theNext Step,
  • Select the “Request a new certificate from ACM” option to create a new SSL certificate for your load balancer. This will launch the AWS Certificate Manager (ACM) in a new window.
  • Now Within the AWS Certificate Manager, on the “Request a certificate” page, enter your domain name.
  • you need to enter the domain name as (or) and * is will be used as sub-domain when you give “*” before you domain
  • Click “Review and request” to review and confirm the request.
  • Now an email will be sent to the registered owner of the domain with instructions to confirm the certificate request by validating the domain. The domain will appear in the AWS Certificate Manager with status set to “Pending validation”.Once the domain has been validated, the certificate will be issued and will appear in the AWS Certificate Manager with status set to “Issued”.
  • Back on the “Configure Security Settings” page for the load balancer, the newly-issued certificate should now appear in the list of available certificates. Select it and click the “Next: Configure Security Group” button to proceed.

Now On the “Configure Security Group” page:

  • Select the option to “Create a new security group”.
  • Add a security rule to allow inbound traffic on port 80 (the HTTP port) with source “Anywhere”.
  • Add a second security rule to allow inbound traffic on port 443 (the HTTPS port) with source “Anywhere”.
  • Click the “Next: Configure Routing” button to proceed.

Now On the “Configure Routing” fourth step:

  • In the “Target group” section, create a new target group and assign it a name. Ensure that the protocol is set to “HTTP”, the port to “80” and the target type to “instance”. With this configuration, traffic between the load balancer and the instance will be transmitted using HTTP, even for HTTPS requests made by the client to the load balancer.
  • In the “Health checks” section, define the protocol as “HTTP” and the path to “/”.
  • Click the “Next: Register Targets” button to proceed.

Now On the “Register Targets” page step 6

use the instance ID obtained in Step 1 to identify and select the Bitnami instance. Click the “Add to registered” button to move the instance into the list of registered targets. Click the “Next: Review” button to proceed.

Once Reviewed click on the create button,and the load balancer will now be created

Once the load balance is created successfully quickly update your domain’s DNS settings by adding an A record that points to the public IP address of the load balancer.

To do this, you will usually need to log in to your domain name provider’s management console and make the necessary changes.

NOTE: Once you make the necessary changes, it can take up to 48 hours for the change to propagate across other DNS servers

Now The final step is to update the Apache server configuration on the Bitnami application instance to correctly handle SSL requests from the load balancer. To do this:

Log in to the application instance using SSH.

Modify the /opt/bitnami/apps/APPNAME/conf/httpd-prefix.conf and add the following line at the top of the file.

This line ensures correct operation of the HTTP connection between the load balancer and the instance, even for load-balanced HTTPS requests.

SetEnvIf x-forwarded-proto https HTTPS=on Restart the server: sudo /opt/bitnami/ restart apache

Use Plugin Force HTTPs ,Where it will automatically changes every page to run on https

After some time you can find that your site loading with secure ssl certificate

If you still find some error and no green padding lock then it might be mismatch error.With this error the page speed also be very slow.Once click on inspect element you can find where the mismatch error is coming.Once you clear that error then the https will be enabled with green padlock as well as page speed also increases

Note: MisMatch error is just a bad link,,Just you need to change the link or update the image again in wordpress Media,then it automatically turns as green padlock

Visit us again!!

Get a complimentary 30 minute marketing consultation and an audit report from our expert who has been awarded by LinkedIn Pro as ‘Best of 2017 & 2016’ in various categories including – ‘Marketing Consulting’, ‘Digital Marketing’ and ‘Lead Generation’.

Learn how other organizations are partnering with us for turnkey marketing services and solutions impacting real business outcomes.

Roy Lingam CEO,Delphi USMLE. Chicago

NectarSpot team successfully re-branded and revamped our old website to a fast loading and aesthetically pleasing within a short time frame of four weeks. NectarSpot designers and developers created a distinct UI/UX landing pages that communicates our brand as an established brand identity helping us to get more conversions. Our end users appreciate the site’s unique and polished presentation through an informative, well laid-out content and beautifully designed pages that helps a seamless interaction . The team is extremely organized and communicative and working with their team was seamless and highly collaborative. Their team is both technically and creatively talented. After creating relevant landing pages and revamping the entire site, NectarSpot is helping us to generate qualified leads through Google Ads campaign. We see a definitive increase in key web metrics such as higher conversion rate, lower bounce rate and higher engagement. We would highly recommend NectarSpot to anyone looking to up-brand their digital identity and get qualified leads.
Read More Testimonials....

Ryan Frederickson ArT Wine Preserver

NectarSpot team executed the Quick and solid build of AMP website. Not afraid of small tweaks here and there. The team has, from the beginning of project, focus on conversion and provided a seamless workflow for my prospects to visit, educate and finally purchase on my e-commerce portal. They provided design, development on AMP framework and helped to host e-commerce portal on scalable and secure google cloud. We are looking forward to working with them in future for other projects as well.
Read More Testimonials....

Read more to gain insights from our blogs.
Receive latest marketing insights, data and inspiration by subscribing .

Start Your Project Today (100% Satisfaction Guaranteed)

  • NectarSpot Inc. is an integrated digital marketing agency specializing in Design & Development of Web, Mobile & Voice Applications.
    We excel in providing Optimization, Automation, PPC & Analytics services to high performing brands across industries.

    Contact us today at +1 630 999 (7768) or email at to know more.

Need help?

We are right here!