Securing your website with SSL certification is crucial for protecting sensitive information and building trust with your users. While SSL certificates can be expensive, there are also free options available that you can install on your EC2 instance. In this guide, we will walk you through the steps to install a free SSL certificate on EC2.

Step 1: Generate a Certificate Signing Request (CSR)

The first step is to generate a CSR, which is required to obtain an SSL certificate. To do this, you can use OpenSSL, a widely used open-source toolkit.

$ openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr

Replace ‘yourdomain’ with your actual domain name. This command will generate a private key and a CSR file.

Step 2: Choose a Certificate Authority (CA)

Next, you need to choose a Certificate Authority (CA) that will issue your SSL certificate. There are several trusted CAs that offer free SSL certificates, such as Let’s Encrypt and Cloudflare.

Step 3: Verify Domain Ownership

Before you can obtain an SSL certificate, you need to verify that you own the domain. The verification process varies depending on the CA you choose. It usually involves adding a DNS record or uploading a file to your website’s root directory.

Step 4: Obtain the SSL Certificate

Once your domain ownership is verified, you can proceed to obtain the SSL certificate. Each CA has its own process for obtaining the certificate, which may involve running a command or using an API.

Step 5: Install the SSL Certificate on EC2

Now that you have obtained the SSL certificate, it’s time to install it on your EC2 instance. Connect to your EC2 instance using SSH and navigate to the directory where you generated the CSR and private key files.

$ sudo su

$ cd /etc/nginx/ssl

Copy the SSL certificate file (usually with a .crt extension) and the private key file (generated in Step 1) to this directory.

$ cp /path/to/yourdomain.crt .

$ cp /path/to/yourdomain.key .

Next, update your Nginx configuration file to enable SSL. Open the file using a text editor:

$ nano /etc/nginx/sites-available/default

Add the following lines inside the server block:

listen 443 ssl;
ssl_certificate /etc/nginx/ssl/yourdomain.crt;
ssl_certificate_key /etc/nginx/ssl/yourdomain.key;

Save the file and exit the text editor. Finally, restart the Nginx service to apply the changes:

$ sudo service nginx restart

Step 6: Test the SSL Certificate

To ensure that the SSL certificate is installed correctly, you can test it by accessing your website using HTTPS. Open a web browser and enter your website’s URL with https:// at the beginning. If the SSL certificate is installed correctly, you should see a padlock icon indicating that your connection is secure.

Congratulations! You have successfully installed a free SSL certificate on your EC2 instance. Your website is now secure and ready to build trust with your users.