{"id":11,"date":"2025-01-18T23:57:56","date_gmt":"2025-01-18T23:57:56","guid":{"rendered":"http:\/\/ericcentric.com\/?page_id=11"},"modified":"2025-01-23T20:47:30","modified_gmt":"2025-01-23T20:47:30","slug":"trying-to-get-website-tls-certified","status":"publish","type":"page","link":"https:\/\/ericcentric.com\/?page_id=11","title":{"rendered":"Website TLS certified (DONE)"},"content":{"rendered":"\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"2180\" height=\"835\" src=\"https:\/\/ericcentric.com\/wp-content\/uploads\/2025\/01\/Screenshot-2025-01-20-200429-2.png\" alt=\"\" class=\"wp-image-44\"\/><\/figure>\n\n\n\n<p><strong>I used the following tools to install TLS<\/strong>:<\/p>\n\n\n\n<p>Certbot 3.1.0 installed with &#8220;Apache and Linux (pip)&#8221;<\/p>\n\n\n\n<p>LetsEncrypt Certificate Authority (provides free TLS certs)<\/p>\n\n\n\n<p>Route 53 and AWS Certificate Manager for cert. on Cloudfront facing the internet<\/p>\n\n\n\n<p><strong>Helpful Links:<\/strong><\/p>\n\n\n\n<p>Follow these instructions to install Certbot and procure a cert:<\/p>\n\n\n\n<p><a href=\"https:\/\/certbot.eff.org\/instructions?ws=apache&amp;os=pip\">https:\/\/certbot.eff.org\/instructions?ws=apache&amp;os=pip<\/a><\/p>\n\n\n\n<p>Follow steps here to install TLS cert. into EC2 instance with Apache:<\/p>\n\n\n\n<p><a href=\"https:\/\/docs.aws.amazon.com\/linux\/al2\/ug\/SSL-on-amazon-linux-2.html#ssl_certificate\">https:\/\/docs.aws.amazon.com\/linux\/al2\/ug\/SSL-on-amazon-linux-2.html#ssl_certificate<\/a><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><strong>Problems Encountered:<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"1625\" height=\"592\" src=\"https:\/\/ericcentric.com\/wp-content\/uploads\/2025\/01\/Screenshot-2025-01-18-202141.png\" alt=\"\" class=\"wp-image-26\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"1914\" height=\"693\" src=\"http:\/\/ericcentric.com\/wp-content\/uploads\/2025\/01\/Screenshot-2025-01-18-184615.png\" alt=\"\" class=\"wp-image-13\"\/><figcaption class=\"wp-element-caption\">HTTP 502 &#8211; Bad Gateway<\/figcaption><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p><strong>SOLUTION:<\/strong> <\/p>\n\n\n\n<p><span style=\"text-decoration: underline;\">Issue 1:<\/span> See images above. <\/p>\n\n\n\n<p><span style=\"text-decoration: underline;\">Fix 1:<\/span> The fix for the &#8220;HTTP 502 Bad Gateway was simple. I made the Route 53 A record an Alias pointing to the Cloudfront distribution. &#8220;https:\/\/ericcentric.com&#8221; was able to browse to WordPress site.<\/p>\n\n\n\n<p><span style=\"text-decoration: underline;\">Issue 2:<\/span> When a netizen browses to &#8220;https:\/\/ericcentric.com&#8221;, he\/she will be redirected to a cloudfront edge location. The cloudfront passes a website with broken CSS and Javascript, because of the <strong>mixed-content issue<\/strong> &#8211; I&#8217;ll have to add pics&#8230;imagine the website format with ugly text and formatting. This means the static content cloudfront is caching contains a mix of HTTP and HTTPS. <\/p>\n\n\n\n<p><span style=\"text-decoration: underline;\">Fix 2:<\/span> I think there were multiple ways to fix this. The way that worked for me was to <strong>assign a TLS certificate to my Apache server. <\/strong>This way, Cloudfront can successfully connect via HTTPS to WordPress and cache the webpages.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><strong>Notes:<\/strong><\/p>\n\n\n\n<p>$14 for the .com domain, purchased through Route 53<\/p>\n\n\n\n<p>ACM produces a cert for FREE but is limited for use only with AWS services. No exporting of cert. allowed!<\/p>\n\n\n\n<p>An additional certificate needed to be created to TLS certify the Apache webserver. I used Certbot with LetsEncrypt and got a signed cert. for FREE<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I used the following tools to install TLS: Certbot 3.1.0 installed with &#8220;Apache and Linux (pip)&#8221; LetsEncrypt Certificate Authority (provides free TLS certs) Route 53 and AWS Certificate Manager for cert. on Cloudfront facing the internet Helpful Links: Follow these instructions to install Certbot and procure a cert: https:\/\/certbot.eff.org\/instructions?ws=apache&amp;os=pip Follow steps here to install TLS [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-11","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/ericcentric.com\/index.php?rest_route=\/wp\/v2\/pages\/11","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ericcentric.com\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/ericcentric.com\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/ericcentric.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ericcentric.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=11"}],"version-history":[{"count":6,"href":"https:\/\/ericcentric.com\/index.php?rest_route=\/wp\/v2\/pages\/11\/revisions"}],"predecessor-version":[{"id":74,"href":"https:\/\/ericcentric.com\/index.php?rest_route=\/wp\/v2\/pages\/11\/revisions\/74"}],"wp:attachment":[{"href":"https:\/\/ericcentric.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=11"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}