如何在 Amazon EC2 中安装 GoDaddy SSL 证书 [英] How to Install GoDaddy SSL Certificate in Amazon EC2

问题描述

我有一个 Godaddy 域，例如指向 amazon ec2 实例的 website.com.我从 Godaddy 为 website.com 购买了 ssl 证书.如何配置 ec2 实例以使 website.com https?

I have a Godaddy Domain for example , website.com which points to a amazon ec2 instance. I bought a ssl certificate from Godaddy for website.com . How can I configure ec2 instance to make website.com https?

推荐答案

如果您使用 Ubuntu 作为服务器实例，请遵循以下几点:

If you are using Ubuntu for the server instance, follow the following points:

1. 使用ssh或putty登录ec2实例

1. Log in to the ec2 instance using ssh or putty

通过执行以下命令启用 ssl 模块:sudo a2enmod ssl

Enable ssl module by executing this command: sudo a2enmod ssl

您可能需要通过 systemctl 重新启动 apache 服务器:sudo systemctl restart apache2

You may have to restart the apache server through systemctl: sudo systemctl restart apache2

在你的 html 目录下创建一个 ssl 文件夹并打开它:sudo mkdir/var/www/html/my_ssl
cd/var/www/html/my_ssl

Make a ssl folder under your html directory and open it: sudo mkdir /var/www/html/my_ssl
cd /var/www/html/my_ssl

生成 csr 和密钥文件:

Generate csr and key files:

sudo openssl req -nodes -newkey rsa:2048 -keyout my_website.key -out my_website.csr

您必须提供以下详细信息:国家、州、城市、组织、单位、FQDN、电子邮件、挑战密码、Optioanl 公司名称.请注意，FQDN 可以是 website.com 或 example.website.com

You'll have to provide these details: Country, State, City, Organization, Unit, FQDN, email, a challenge password, Optioanl company name. Note that the FQDN can be website.com or example.website.com

通过nano或vi打开csr文件，复制内容:vi/var/www/html/my_ssl/my_website.csr

Open the csr file through nano or vi and copy its contents: vi /var/www/html/my_ssl/my_website.csr

转到您的godaddy证书，单击新证书，选择处理csr的第二个选项，然后将内容粘贴到其中.如果没有发现问题，您可以继续下一步.

Go to your godaddy certificate, click on new certificate, choose the second option that handles csr, and paste the contents into it. If no problem is found, you can continue to the next step.

Godaddy 将向网站的标准管理员电子邮件之一发送电子邮件.如果它们都不存在，请确保创建它.证书从待处理状态变为有效状态大约需要半小时.

Godaddy will send an email to one of the standard admin emails of the site. If none of them exists, make sure you create it. It will take around half an hour for the certificate to change from pending to valid.

从godaddy下载key文件，放到apache ssl文件夹:/etc/apache2/ssl/certs

Download the key files from godaddy and put them in the apache ssl folder: /etc/apache2/ssl/certs

打开default-ssl.conf文件进行修改:sudo vi/etc/apache2/sites-available/default-ssl.conf

Open the default-ssl.conf file for modification : sudo vi /etc/apache2/sites-available/default-ssl.conf

添加您的网站名称，并更改 ServerAdmin 电子邮件、ServerAlias、DocumentRoot 的默认值，将 SSLEngine 设置为开启，以及 SSLCertificateFile、SSLCertificateKeyFile 和 SSLCertificateChainFile 的路径.

Add your website name, and change the default values for ServerAdmin email, ServerAlias, DocumentRoot, set SSLEngine on, and the paths of SSLCertificateFile, SSLCertificateKeyFile, and SSLCertificateChainFile.

最后将修改后的文件设置为默认配置并重启你的apache:

Finally set the modified file to be the default configuration and restart your apache:

sudo a2ensite default-ssl.conf
sudo service apache2 重启

这篇关于如何在 Amazon EC2 中安装 GoDaddy SSL 证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！