SSL/TLS Configuration
The next step is to configure the website to use HTTPS, which would allow secure web communications over a network. This would require a Certificate Authority (CA) signed certificate, unless you want your visitors to encounter a warning before accessing your website.
On the other hand, CAs typically charge hundreds just for a “verified” certificate. With Let’s Encrypt, small businesses and individuals can request for a free certificate with a 90-day validity period, renewable every 60-days.
Since the certificate only lasts for 90-days, we can create cron jobs to automate the renewal process of the certificates. While Certbot will only renew certificates which are at least 60-days old, the tasks can be scheduled to execute at a set timing. This will ensure in the event of a failed renewal, it will allow ample time for the administrator to troubleshoot.
On top of the certificate renewal at 3am everyday, another 2 tasks are scheduled to restart the Apache web service at 3.05am everyday and to restart the Lightsail instance at 3.30am every Wednesday.
After this, you should be able to verify the SSL/TLS configuration using any browser.
6 replies on “Amazon Lightsail for Blogs”
Brilliant post! Love the simplicity and clarity. So what is the total cost of running the blog over one year?
I ve been hosting arunpc.com at WordPress.com for more than a decade. Now i am really tempted to move to LightSail 🙂
Thanks!
So the Lightsail instance will cost me $3.50/month, Route53 Hosted Zones are $0.50/month, and my domain is $12/year. That would work out to about $60 a year, which would be around $5/month! Personally I find to be very reasonable!
Absolutely! Cant agree more.
Nothing that important, but you could consider redirect for nestorlee.com by creating a CNAME to point to blog.netstorlee.com to prevent the ‘Page not found’.
Yes of course! I’m not sure why that slipped out of my mind… Thanks for letting me know!
Look forward for more posts! Keep writing! Cheers!