Amazon LightsailのWordPressのLet’s Encryptの証明書のアップデート

Bitnami HTTPS Configuration Toolの準備

まずは、コンソールでLightsailにログイン
下記コマンドを入力し、「command not found」が返ってきたら、「Bitnami HTTPS Configuration Tool」がインストールされていないので、ツールのインストール作業を行う。

sudo /opt/bitnami/bncert-tool

インストールを始めるには、下記のコマンドを一行ずつ、実行する

wget -O bncert-linux-x64.run https://downloads.bitnami.com/files/bncert/latest/bncert-linux-x64.run
sudo mkdir /opt/bitnami/bncert
sudo mv bncert-linux-x64.run /opt/bitnami/bncert/
sudo chmod +x /opt/bitnami/bncert/bncert-linux-x64.run
sudo ln -s /opt/bitnami/bncert/bncert-linux-x64.run /opt/bitnami/bncert-tool

インストールが終わったら、こちらのコマンドを入力し、ツールが起動するか確認する。

sudo /opt/bitnami/bncert-tool

成功すれば、このような画面が表示される。

----------------------------------------------------------------------------
Welcome to the Bitnami HTTPS Configuration tool.

----------------------------------------------------------------------------
Domains

Please provide a valid space-separated list of domains for which you wish to 
configure your web server.

The web server name will be configured as the first provided domain name.

If you provide a non-www domain (e.g. example.com) but not its www subdomain 
(e.g. www.example.com), it will be added automatically, and viceversa.

Domain list []: 

ここでは、yo3.devと入力し、Agreementに同意するか、Email Addressを聞かれるので、それらを入力すれば、証明書が更新される。
このような画面が出てきて、最後に「Success」と出ればOK

----------------------------------------------------------------------------
Domains

Please provide a valid space-separated list of domains for which you wish to 
configure your web server.

The web server name will be configured as the first provided domain name.

If you provide a non-www domain (e.g. example.com) but not its www subdomain 
(e.g. www.example.com), it will be added automatically, and viceversa.

Domain list []: yo3.dev

----------------------------------------------------------------------------
Changes to perform

The following changes will be performed to your Bitnami installation:

1. Stop web server
2. Configure web server to use a free Let's Encrypt certificate for the domains: 
yo3.dev www.yo3.dev
3. Disable existing Let's Encrypt cron jobs configured with the tool
4. Configure a cron job to automatically renew the certificates each month
5. Configure web server name to: yo3.dev
6. Enable HTTP to HTTPS redirection (example: redirect https://yo3.dev to 
https://yo3.dev
yo3.dev　)
7. Enable non-www to www redirection (example: redirect yo3.dev to www.yo3.dev)
8. Start web server once all changes have been performed

You can modify the list of changes to perform if you select 'No'

Do you agree to these changes? [Y/n]: y


----------------------------------------------------------------------------
Create a free HTTPS certificate with Let's Encrypt

Please provide a valid e-mail address for which to associate your Let's Encrypt 
certificate.

Domain list: yo3.dev www.yo3.dev

Server name: yo3.dev

E-mail address []: 【email addressを入力】

The Let's Encrypt Subscriber Agreement can be found at:

https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf

Do you agree to the Let's Encrypt Subscriber Agreement? [Y/n]: y


----------------------------------------------------------------------------
Performing changes to your installation

The Bitnami HTTPS Configuration Tool will perform any necessary actions to your 
Bitnami installation. This may take some time, please be patient.

----------------------------------------------------------------------------
Success

自動更新（Bitnami Auto-Configuration Script）

コンソールで下記コマンドを入力

sudo /opt/bitnami/letsencrypt/scripts/generate-certificate.sh -m 【Email Addressを入力】 -d yo3.dev -d www.yo3.dev

その後、タスクを登録する。
Editorを開く。

sudo crontab -e

下記のコマンドを追加、保存し、Editorを閉じる

0 0 1 * * /opt/bitnami/letsencrypt/lego --tls --email="【Email Addressを入力】" --domains="yo3.dev" --domains="www.yo3.dev" renew && /opt/bitnami/apache2/bin/httpd -f /opt/bitnami/apache2/conf/httpd.conf -k graceful

これで、自動的に更新してくれる。。。はず。

参考

Bitnami HTTPS Configuration Toolインストールはここ

Let’s Encrypt自動更新タスクはここ