You are here
Home > IT > lightsailでwordpressにLet’sencryptの証明書を設定する



Generate And Install A Let's Encrypt SSL Certificate For A Bitnami Application

Amazon Lightsail でホストされている Bitnami スタックに SSL 証明書をインストールする方法を教えてください。


sudo /opt/bitnami/bncert-tool


Welcome to the Bitnami HTTPS Configuration tool.


Please provide a valid space-separated list of domains for which you wish to
configure your web server.

Domain list []:

The following domains were not included: Do you want to add them? [Y/n]: Y


HTTP -> HTTPS: Y, -> Y, -> : n

Enable/disable redirections

Please select the redirections you wish to enable or disable on your Bitnami

Enable HTTP to HTTPS redirection [Y/n]: Y

Enable non-www to www redirection [Y/n]: Y

Enable www to non-www redirection [y/N]: n

Changes to perform

この設定で設定しちゃって良いですか? yes

The following changes will be performed to your Bitnami installation:

1. Stop web server
2. Configure web server to use a free Let's Encrypt certificate for the domains:
3. Configure a cron job to automatically renew the certificate each month
4. Configure web server name to:
5. Enable HTTP to HTTPS redirection (example: redirect to
6. Enable non-www to www redirection (example: redirect to
7. Start web server once all changes have been performed

Do you agree to these changes? [Y/n]: Y

証明書作成しますか? yes

Create a free HTTPS certificate with Let's Encrypt

Please provide a valid e-mail address for which to associate your Let's Encrypt

Domain list:

Server name:

E-mail address []:

The Let's Encrypt Subscriber Agreement can be found at:

Do you agree to the Let's Encrypt Subscriber Agreement? [Y/n]: Y


Performing changes to your installation

The Bitnami HTTPS Configuration Tool will perform any necessary actions to your
Bitnami installation. This may take some time, please be patient.


The Bitnami HTTPS Configuration Tool succeeded in modifying your installation.

The configuration report is shown below.

Backup files:
* /opt/bitnami/apache2/conf/httpd.conf.back.202102010803
* /opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf.back.202102010803
* /opt/bitnami/apache2/conf/bitnami/bitnami.conf.back.202102010803

Find more details in the log file:


If you find any issues, please check Bitnami Support forums at:
# This is the main Apache HTTP server configuration file.  It contains the
# configuration directives that give the server its instructions.
# See <URL:> for detailed information.
# In particular, see
# <URL:>
# for a discussion of each configuration directive.
# Do NOT simply read the instructions in here without understanding
# what they do.  They're here only as hints or reminders.  If you are unsure
# consult the online docs. You have been warned.
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path.  If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "logs/access_log"
# with ServerRoot set to "/usr/local/apache2" will be interpreted by the
# server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log"
# will be interpreted as '/logs/access_log'.

# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
"httpd.conf" 566L, 20188C                                                                                     1,1           Top

Press [Enter] to continue:ENTER


cat /opt/bitnami/letsencrypt/scripts/


sudo /opt/bitnami/ stop apache
sudo /opt/bitnami/letsencrypt/lego --tls --email="" --domains="" --domains="" --domains="" --domains=""  --path="/opt/bitnami/letsencrypt" renew --days 90
sudo /opt/bitnami/ start apache

crontab -e でcrontab書き換える。有効期限が30日切らないと証明書更新できないので毎月cron実行させる意味はないが、とりあえず毎月実行にしておく。

crontab -e

0 0 * * *  /opt/bitnami/letsencrypt/scripts/
#0 0 * * * sudo /opt/bitnami/letsencrypt/lego --path /opt/bitnami/letsencrypt --email="" --http --http-timeout 90 --http.webroot /opt/bitnami/apps/letsencrypt renew && sudo /opt/bitnami/apache2/bin/httpd -f /opt/bitnami/apache2/conf/httpd.conf -k graceful # bncert-autorenew