Lab 8 2 Let's Encrypt for TLS - nicolas-tullio/Tech-Journal GitHub Wiki

Deliverables

Screenshot showing your web browser with your connection encrypted (https/lock visible) and the hostname in the address bar


Steps

Acquire a Sub-Domain to use for your server (using DuckDNS)

  • From AWS Console - record the public IP address of your running instance: 34.201.249.154

  • Go to duckdns.org and create an account

  • Add a new subdomain: nicolas-sys360.duckdns.org

  • Add the IP address of your EC2 server to the subdomain record

  • Use nslookup or dig to test it. It should propagate quickly, and your DNS record should now work on the Internet!


Complete the following procedures before you install Certbot

Navigate to your home directory (/home/ec2-user). Download EPEL with the following command.

sudo wget -r --no-parent -A 'epel-release-*.rpm' https://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/

Install the repository packages as shown in the following command

sudo rpm -Uvh dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/epel-release-*.rpm

Enable EPEL as shown in the following command

sudo yum-config-manager --enable epel*

Edit the main Apache configuration file, /etc/httpd/conf/httpd.conf. Locate "Listen 80" and add the following lines

<VirtualHost *:80>
    DocumentRoot "/var/www/html"
    ServerName "nicolas-sys360.duckdns.org"
    ServerAlias "nicolas-sys360.duckdns.org"
</VirtualHost>

Save the file and restart Apache

sudo systemctl restart httpd

Install and run Certbot

Install Certbot packages and dependencies using the following command

sudo yum install -y certbot python2-certbot-apache

Run Certbot

sudo certbot

Follow the prompts, leaving the activation question blank to select all


Certbot prompts you about redirecting HTTP queries to HTTPS. To allow visitors to connect to your server via unencrypted HTTP, enter "1". If you want to accept only encrypted connections via HTTPS, enter "2". Press Enter to submit your choice.

Certbot completes the configuration of Apache and reports success and other information.
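
To confirm which redirect choice is actually in effect after Certbot finishes, the added example below (not part of the original lab) audits every port-80 VirtualHost in a config file for a redirect to HTTPS. The function names and both sample configs are constructed for illustration; the rewrite lines are modelled on what Certbot's Apache plugin writes for choice 2.

```shell
#!/bin/sh
# Added example (not from the lab): report whether each port-80 vhost
# redirects to HTTPS or still serves content over plaintext HTTP.

# audit_http_vhosts FILE -> prints "<ServerName> redirect|plaintext" per
# <VirtualHost ...:80> block; exit status 1 if any block is plaintext.
audit_http_vhosts() {
    awk '
        { line = $0; sub(/^[ \t]+/, "", line); low = tolower(line) }
        low ~ /^#/ { next }    # skip comments
        low ~ /^<virtualhost[ \t].*:80>/ { in_vh = 1; name = "(unnamed)"; redir = 0; next }
        in_vh && low ~ /^servername[ \t]/ {
            split(line, f, /[ \t]+/); name = f[2]; gsub(/"/, "", name)
        }
        # Certbot choice 2 adds a RewriteRule to https://; a hand-written
        # Redirect / RedirectMatch / RedirectPermanent to https:// also counts.
        in_vh && low ~ /^(rewriterule|redirect(match|permanent)?)[ \t].*https:\/\// { redir = 1 }
        in_vh && low ~ /^<\/virtualhost>/ {
            print name, (redir ? "redirect" : "plaintext")
            if (!redir) bad = 1
            in_vh = 0
        }
        END { exit bad }
    ' "$1"
}

# Constructed sample configs: the vhost from this page as typed (choice 1),
# and the same vhost with the rewrite lines Certbot adds for choice 2.
sample_conf() {
    echo '<VirtualHost *:80>'
    echo '    DocumentRoot "/var/www/html"'
    echo '    ServerName "nicolas-sys360.duckdns.org"'
    if [ "$1" = redirect ]; then
        echo '    RewriteEngine on'
        echo '    RewriteCond %{SERVER_NAME} =nicolas-sys360.duckdns.org'
        echo '    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]'
    fi
    echo '</VirtualHost>'
}

# Demo on the constructed samples; on the server, pass
# /etc/httpd/conf/httpd.conf instead.
tmp=$(mktemp)
sample_conf plain > "$tmp";    audit_http_vhosts "$tmp" || echo "-> HTTP still served in the clear"
sample_conf redirect > "$tmp"; audit_http_vhosts "$tmp" && echo "-> all port-80 vhosts redirect"
rm -f "$tmp"
```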