How to install SSL Certificates on Amazon EC2 Ubuntu Server

How to install SSL Certificates on Amazon EC2 Ubuntu Server

Author: TIKAM CHAND
Date: Jan 18, 2026
Category: AWS / How To / Ubuntu

In the modern web era, having an SSL certificate is no longer optional. Beyond securing user data, search engines like Google use HTTPS as a ranking signal, making it essential for SEO.

If you are running an Ubuntu server on Amazon EC2 with Apache, this guide will show you how to manually install your SSL certificate files and configure your server for secure traffic.

Step 1: Move Your SSL Files to the Server

Once you have purchased or obtained your SSL certificate files (.crt, .key, and .ca-bundle), you need to upload them to your EC2 instance.

  1. Connect to your server via SSH: ssh -i your-key.pem ubuntu@your-server-ip
  2. Create a directory for the certificates: sudo mkdir -p /etc/apache2/ssl
  3. Upload the files: Use scp from your local machine to move the files into your server. scp -i your-key.pem your_site.crt your_site.key your_site.ca-bundle ubuntu@your-server-ip:~/
  4. Move files to the secure directory: Back on the server, move them to the final location. sudo mv ~/your_site.* /etc/apache2/ssl/

Step 2: Configure the Apache VirtualHost

You need to tell Apache to use these files for traffic on port 443 (HTTPS). Open your site’s configuration file (e.g., /etc/apache2/sites-available/your_site.conf):


    ServerName your_site.com
    ServerAlias www.your_site.com
    DocumentRoot /var/www/html

    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/your_site.crt
    SSLCertificateKeyFile /etc/apache2/ssl/your_site.key
    SSLCertificateChainFile /etc/apache2/ssl/your_site.ca-bundle

    
        AllowOverride All

Step 3: Enable the SSL Module and Site

For the changes to take effect, you must enable the Apache SSL module and restart the service.

# Enable SSL module
sudo a2enmod ssl

# Enable your site configuration (if not already)
sudo a2ensite your_site.conf

# Restart Apache
sudo systemctl restart apache2

Step 4: Update Amazon EC2 Security Groups

Even if your server is configured correctly, your site won’t load over HTTPS if the Amazon firewall is blocking port 443.

  1. Log in to the AWS Management Console.
  2. Go to EC2 Dashboard -> Instances.
  3. Select your instance and click on the Security tab.
  4. Click the Security Group ID.
  5. Under Inbound Rules, click Edit inbound rules.
  6. Add a new rule:
    • Type: HTTPS
    • Protocol: TCP
    • Port Range: 443
    • Source: 0.0.0.0/0 (or your preferred restriction)
  7. Click Save rules.

Conclusion

Your Amazon EC2 Ubuntu server should now be serving content securely over HTTPS. To avoid duplicate content issues and maximize SEO benefits, remember to set up a 301 redirect from HTTP to HTTPS in your .htaccess or Apache config.

Discover more from TCMHACK

Subscribe to get the latest posts sent to your email.

Tags:

Read our Blog

Leave a Reply

Discover more from TCMHACK

Subscribe now to keep reading and get access to the full archive.

Continue reading