SSL for Django project on bitnami

Question

I have an Django project deployed on ubuntu AWS instance with Bitnami and configured with Lightsail, Route53.

The project is working for HTTP.

I've tried to migrate to HTTPs using the bncert-tool and got DNS with HTTPS, although I see: "You are now running Bitnami Django 3.1.6 in the Cloud" instead of my project. HTTP:// is showing my project.

ps: I didn't enable: sample-vhost.conf and sample-https-vhost.conf, as if I do that I see "You don't have permission".

Is there additional steps that should be executed after bncert-tool?

bitnami.conf:


  # BEGIN: Configuration for letsencrypt
  Include "/opt/bitnami/apps/letsencrypt/conf/httpd-prefix.conf"
  # END: Configuration for letsencrypt
  # BEGIN: Support domain renewal when using mod_proxy without Location
  
    ProxyPass /.well-known !
  
  # END: Support domain renewal when using mod_proxy without Location
  # BEGIN: Enable HTTP to HTTPS redirection
  RewriteEngine On
  RewriteCond %{HTTPS} !=on
  RewriteCond %{HTTP_HOST} !^localhost
  RewriteCond %{HTTP_HOST} !^[0-9]+.[0-9]+.[0-9]+.[0-9]+(:[0-9]+)?$
  RewriteCond %{REQUEST_URI} !^/\.well-known
  RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
  # END: Enable HTTP to HTTPS redirection
  # BEGIN: Enable non-www to www redirection
  RewriteCond %{HTTP_HOST} !^www\. [NC]
  RewriteCond %{HTTP_HOST} !^localhost
  RewriteCond %{HTTP_HOST} !^[0-9]+.[0-9]+.[0-9]+.[0-9]+(:[0-9]+)?$
  RewriteCond %{REQUEST_URI} !^/\.well-known
  RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=permanent,L]
  # END: Enable non-www to www redirection
    WSGIScriptAlias / /opt/bitnami/projects/referralfirst/referralfirst/wsgi.py
    Alias /static "/opt/bitnami/projects/referralfirst/static

    
        AllowOverride all
        Require all granted
        Options FollowSymlinks
    

    DocumentRoot /opt/bitnami/projects/referralfirst
  # BEGIN: Support domain renewal when using mod_proxy within Location
  
    
      ProxyPass !
    
  
  # END: Support domain renewal when using mod_proxy within Location


Include "/opt/bitnami/apache/conf/bitnami/bitnami-ssl.conf"

bitnami-ssl.conf

# Default SSL Virtual Host configuration.


  LoadModule ssl_module modules/mod_ssl.so


Listen 443
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !EDH !RC4"
SSLPassPhraseDialog  builtin
SSLSessionCache "shmcb:/opt/bitnami/apache/logs/ssl_scache(512000)"
SSLSessionCacheTimeout  300


  DocumentRoot "/opt/bitnami/apache/htdocs"
  SSLEngine on
  SSLCertificateFile "/opt/bitnami/apache/conf/findreferral.link.crt"
  SSLCertificateKeyFile "/opt/bitnami/apache/conf/findreferral.link.key"

  # BEGIN: Configuration for letsencrypt
  Include "/opt/bitnami/apps/letsencrypt/conf/httpd-prefix.conf"
  # END: Configuration for letsencrypt
  # BEGIN: Support domain renewal when using mod_proxy without Location
  
    ProxyPass /.well-known !
  
  # END: Support domain renewal when using mod_proxy without Location
  # BEGIN: Enable non-www to www redirection
  RewriteEngine On
  RewriteCond %{HTTP_HOST} !^www\. [NC]
  RewriteCond %{HTTP_HOST} !^localhost
  RewriteCond %{HTTP_HOST} !^[0-9]+.[0-9]+.[0-9]+.[0-9]+(:[0-9]+)?$
  RewriteCond %{REQUEST_URI} !^/\.well-known
  RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=permanent,L]
  # END: Enable non-www to www redirection
  
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
  

  # Error Documents
  ErrorDocument 503 /503.html
  # BEGIN: Support domain renewal when using mod_proxy within Location
  
    
      ProxyPass !
    
  
  # END: Support domain renewal when using mod_proxy within Location

SSL for Django project on bitnami

Answers (1)

Related Questions