Detailed steps for enabling HTTPS with Certbot¶
🔐 Enabling HTTPS on an AWS-Hosted Website with Docker and Apache2
Date: 2025 May 27
Author: János Rostás & ChatGPT
Topic: Enable HTTPS using Let's Encrypt and Certbot for a Docker-hosted Apache2 web server on Ubuntu (AWS EC2).
📋 Overview¶
In this guide, we will enable HTTPS (SSL/TLS encryption) for your personal website hosted on an AWS EC2 instance using Docker with Apache2. We’ll use Certbot to obtain a free SSL certificate.
🚧 Prerequisites¶
- A domain name pointing to your EC2 public IP.
- Port 80 (HTTP) and 443 (HTTPS) open in the EC2 security group.
- Docker and Apache2 running inside a container.
- The website is accessible via
http://your-domain.com.
🛠️ Step-by-Step Instructions¶
🧰 Step 1: Install Certbot on the Host Machine¶
📦 We are installing Certbot on the host Ubuntu system, not inside the Docker container.
sudo apt update
sudo apt install certbot
🏗️ Step 2: Temporarily Stop Apache in Docker¶
To allow Certbot to bind to port 80 and verify your domain:
sudo docker stop apache-server
🔐 Step 3: Obtain the SSL Certificate¶
Run Certbot in standalone mode:
sudo certbot certonly --standalone -d your-domain.com
Replace your-domain.com with your actual domain name.
If successful, the certificate and key will be located in:
/etc/letsencrypt/live/your-domain.com/fullchain.pem/etc/letsencrypt/live/your-domain.com/privkey.pem
📂 Step 4: Copy SSL Certificates into the Docker Container¶
Create a directory to share certs between the host and the container:
sudo mkdir -p /home/ubuntu/docker-certs
sudo cp /etc/letsencrypt/live/your-domain.com/fullchain.pem /home/ubuntu/docker-certs/
sudo cp /etc/letsencrypt/live/your-domain.com/privkey.pem /home/ubuntu/docker-certs/
🐳 Step 5: Re-run Apache Docker Container with Volume Mount¶
🧼 Option 1: Remove the existing container
If you don’t need the old container anymore:
sudo docker rm apache-server
Then you can run your new container and update your Docker run command to mount the certs:
sudo docker run -dit \
--name apache-server \
-p 80:80 \
-p 443:443 \
-v /home/ubuntu/website/iPortfolio:/usr/local/apache2/htdocs/ \
-v /home/ubuntu/docker-certs:/usr/local/apache2/conf/certs \
httpd
✅ Explanation:
Option # Description
-dit # Run in detached mode with interactive terminal
--name apache-server # Give the container a name
-p 80:80 # Map HTTP port
-p 443:443 # Map HTTPS port
-v /home/ubuntu/website/iPortfolio:/usr/local/apache2/htdocs/# Mount your website files
-v /home/ubuntu/docker-certs:/usr/local/apache2/conf/certs # Mount your TLS certificates
httpd # Use the Apache Docker image
⚙️ Step 6: Configure Apache to Use SSL¶
- Enter the container:
sudo docker exec -it apache-server bash
- Edit the Apache config: Inside the container, navigate to the config directory:
cd /usr/local/apache2/conf
- Enable SSL:
Install nanoapt-get update && apt-get install nano
Edit or createextra/httpd-ssl.confto look like:
Listen 443
<VirtualHost *:443>
DocumentRoot "/usr/local/apache2/htdocs"
ServerName your-domain.com
SSLEngine on
SSLCertificateFile "/usr/local/apache2/conf/certs/fullchain.pem"
SSLCertificateKeyFile "/usr/local/apache2/conf/certs/privkey.pem"
</VirtualHost>
- Include SSL config in httpd.conf:
Open
httpd.confand uncomment or add:
Include conf/extra/httpd-ssl.conf
LoadModule ssl_module modules/mod_ssl.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
<VirtualHost *:80>
ServerName janosrostas.co.uk
ServerAlias www.janosrostas.co.uk
Redirect permanent / https://janosrostas.co.uk/
</VirtualHost>
- Restart the container (from host):
sudo docker restart apache-server
🧪 Test Your HTTPS Site¶
Open a browser and visit:
🔗 https://your-domain.com
If everything is set up correctly, you'll see the secure lock icon 🔒.
🔁 Bonus: Auto-Renewal¶
Let’s Encrypt certs expire in 90 days. Set up a cron job on the host:
sudo crontab -e
Add:
0 0 * * 0 certbot renew --pre-hook "docker stop apache-server" --post-hook "docker start apache-server"
This will renew the cert every Sunday at midnight.
✅ Summary¶
You've now enabled secure HTTPS on your AWS-hosted personal website running Apache2 inside a Docker container. This improves trust, privacy, and SEO.
 JanosRostas.co.uk
|
Happy hosting! 🎉
Docker