How to activate Lightsail Let's Encrypt SSL Certificate

How do I get SSL to work on LightSail Install?

I have installed OpenEMR using AWS LightSail and it works with the IP.
I have a registered domain I am pointing to and it works but gives the “Site Not Secure” error. I chose LightSail installation because it comes with the automatic Let’s Encrypt SSL. However I am not sure if I am executing the instructions below correctly because it is not working.

cd /root/openemr-devops/packages/lightsail
# edit docker-compose.yml: add environment variables DOMAIN and EMAIL to the openemr container
./docker-compose up -d

Question 1: Did I enter the DOMAIN and EMAIL correctly in the openemr environment?

Question 2: When I run ./docker-compose up -d I get the error:
-bash: ./docker-compose: No such file or directory. How do I run ./docker-compose up -d ?

Thank you.

The docker-compose command likely doesn’t exist in that directory, you don’t need the ./ at the start of your command.

1 Like

Was juuust about to say that. It might even be “docker compose” now.

1 Like

Next time I have Lightsail booted up I’ll check the syntax and update the docs. The syntax and availability of that command really changed between Ubuntu 16 (?) and now.

1 Like

Thank you. it worked when i removed the ./ at the start

How do I get the SSL certificate to work? I’m stuck here. I’ve added the domain and email and ran docker-compose up -d successfully, yet nothing happens, do I get a notification? The site is still “Not Secure”.

Just to confirm, that domain you registered currently points to the IP of the OpenEMR instance, right? If so…

My advice would be to change the domain to something known invalid, then re-up it and check the container logs on first start. Once you know how to check container logs (and you see where Let’s Encrypt failed to authenticate and make new certs) you can reset the domain to the proper state and do it a second time, now that you know where to look and what to look for, and then we’ll see what it has to say for itself.

Yes the domain points to the IP of the OpenEMR instance. Sure thanks, will try that