How to Renew Let’s Encrypt SSL Certificate Google Cloud Bitnami

No Comments

Let’s Encrypt SSL is a free Certificate Authority (CA) that issues SSL certificate Google Cloud Bitnami. You can use these SSL certificates to secure traffic to and from your Bitnami application host.

This guide walks you through the process of generating a Let’s Encrypt SSL certificate for your domain and installing and configuring it to work with your Bitnami application stack.

This guide assumes that:

  • You have deployed a Bitnami application and the application is available at a public IP address so that the Let’s Encrypt process can verify your domain.
  • You have the necessary credentials to log in to the Bitnami application instance.
  • You own one or more domain names.
  • You have configured the domain name’s DNS record to point to the public IP address of your Bitnami application instance.

To launch the Bitnami HTTPS Configuration Tool, execute the following command and follow the prompts:

sudo /opt/bitnami/bncert-tool

Alternative Approach

test ! -f "/opt/bitnami/common/bin/openssl" && echo "Approach A: Using system packages." || echo "Approach B: Self-contained installation."

Step 1: Install The Lego Client

The Lego client simplifies the process of Let’s Encrypt certificate generation. To use it, follow these steps:

  • Log in to the server console as the bitnami user.
  • Run the following commands to install the Lego client. Note that you will need to replace the X.Y.Z placeholder with the actual version number of the downloaded archive:
cd /tmp
curl -Ls https://api.github.com/repos/xenolf/lego/releases/latest | grep browser_download_url | grep linux_amd64 | cut -d '"' -f 4 | wget -i -
tar xf lego_vX.Y.Z_linux_amd64.tar.gz
sudo mkdir -p /opt/bitnami/letsencrypt
sudo mv lego /opt/bitnami/letsencrypt/lego Step 2: Generate A Let’s Encrypt Certificate For Your Domain
  • Turn off all Bitnami services:
    sudo /opt/bitnami/ctlscript.sh stop
    
  • Request a new certificate for your domain as below, both with and without the www prefix.
sudo /opt/bitnami/letsencrypt/lego --tls --email="EMAIL-ADDRESS" --domains="seoxoom.com" --domains="www.seoxoom.com" --path="/opt/bitnami/letsencrypt" run

A set of certificates will now be generated in the /opt/bitnami/letsencrypt/certificates directory. This set includes the server certificate file DOMAIN.crt and the server certificate key file DOMAIN.key.

Step 5: Renew The Let’s Encrypt Certificate

Let’s Encrypt certificates are only valid for 90 days. To renew the certificate before it expires, run the following commands from the server console as the bitnami user. Remember to replace the DOMAIN placeholder with your actual domain name, and the EMAIL-ADDRESS placeholder with your email address.

sudo /opt/bitnami/ctlscript.sh stop
sudo /opt/bitnami/letsencrypt/lego --tls --email="EMAIL-ADDRESS" --domains="seoxoom.com" --path="/opt/bitnami/letsencrypt" renew --days 90
sudo /opt/bitnami/ctlscript.sh start

To automatically renew your certificates before they expire, write a script to perform the above tasks and schedule a cron job to run the script periodically. To do this:

  • Create a script at /opt/bitnami/letsencrypt/scripts/renew-certificate.sh
    sudo nano /opt/bitnami/letsencrypt/scripts/renew-certificate.sh
    
  • Enter the following content into the script and save it. Remember to replace the DOMAIN placeholder with your actual domain name, and the EMAIL-ADDRESS placeholder with your email address.

For Apache:

#!/bin/bash

sudo /opt/bitnami/ctlscript.sh stop apache
sudo /opt/bitnami/letsencrypt/lego --tls --email="EMAIL-ADDRESS" --domains="seoxoom.com" --path="/opt/bitnami/letsencrypt" renew --days 90
sudo /opt/bitnami/ctlscript.sh start apache

For NGINX:
#!/bin/bash

sudo /opt/bitnami/ctlscript.sh stop nginx
sudo /opt/bitnami/letsencrypt/lego --tls --email="EMAIL-ADDRESS" --domains="seoxoom.com" --path="/opt/bitnami/letsencrypt" renew --days 90
sudo /opt/bitnami/ctlscript.sh start nginx

  • Make the script executable:
    sudo chmod +x /opt/bitnami/letsencrypt/scripts/renew-certificate.sh
    
  • Execute the following command to open the crontab editor:
    sudo crontab -e
    
  • Add the following lines to the crontab file and save it:
    0 0 1 * * /opt/bitnami/letsencrypt/scripts/renew-certificate.sh 2> /dev/null

About Me: I'm the digital marketing specialist, competent in SEO (Google, Yahoo & Bing), Google Adwords (Search, Display, Google Shopping etc.), Facebook & Instagram Advertising etc. I can work in all platforms of digital marketing & advertise the legitimate products/services in a specific country, city or all over the world. I am very confident, dynamic, energetic, enthusiastic & dedicated freelancer as I want to build my career as a full time professional freelancer for long time. I prefer quality work rather than quantity & hard working is my way to become successful. If you hire me, then I will provide you my best quality services for your project until you achieve your goal with complete satisfaction. Expertise I do have: ✓ Managed AdWords and PPC for diversity of companies with a budget up to $500,000 per annum. All campaigns with a positive ROI. ✓ Successfully increased organic (SEO) traffic for websites with 1,000,000+ unique visits every month. ✓ In-depth Google Analytics analysis (and other tools) to make appropriate suggestions and drive positive change. ✓ Easy to understand reports and full transparency on everything I do and everything your budget is spent on. Let's get started! Contact me to discuss your plans.

About us and this blog

We are a digital marketing company with a focus on helping our customers achieve great results across several key areas.

Request a free quote

We offer professional SEO services that help websites increase their organic search score drastically in order to compete for the highest rankings even when it comes to highly competitive keywords.

Subscribe to our newsletter!

More from our blog

See all posts

Leave a Comment