SOP for SSL on Main Domain via google cloud bitnami (Information)

How To Enable HTTPS Support With SSL Certificates?

NOTE: The steps below assume that you are using a custom domain name and that you have already configured the custom domain name to point to your cloud server.

Once you obtain the certificate and certificate key files ( check here), you will need to update your server to use them. Follow these steps to activate SSL support:

Identify the correct locations for your certificate

Use the table below to identify the correct locations for your certificate and configuration files.

Variable

Value

Current application URL

https://[custom-domain]/

 

Example: https://my-domain.com/ or https://my-domain.com/appname

Apache configuration file

/opt/bitnami/apache2/conf/bitnami/bitnami.conf

Certificate file

/opt/bitnami/apache2/conf/server.crt

Certificate key file

/opt/bitnami/apache2/conf/server.key

CA certificate bundle file (if present)

/opt/bitnami/apache2/conf/server-ca.crt

Copy your SSL certificate and certificate key file to the specified locations.

NOTE: If you use different names for your certificate and key files, you should reconfigure the SSLCertificateFile and SSLCertificateKeyFile directives in the corresponding Apache configuration file to reflect the correct file names.

Choose the correct directive based on your scenario and Apache version:

Variable

Value

Apache configuration file

/opt/bitnami/apache2/conf/bitnami/bitnami.conf

Directive to include (Apache v2.4.8+)

SSLCACertificateFile “/opt/bitnami/apache2/conf/server-ca.crt”

Directive to include (Apache < v2.4.8)

SSLCertificateChainFile “/opt/bitnami/apache2/conf/server-ca.crt”

NOTE: If you use a different name for your CA certificate bundle, you should reconfigure the SSLCertificateChainFile or SSLCACertificateFile directives in the corresponding Apache configuration file to reflect the correct file name.

Make Certificates Readable on server

Once you have copied all the server certificate files, you may make them readable by the root user only with the following commands:

  • sudo chown root:root /opt/bitnami/apache2/conf/server*
    sudo chmod 600 /opt/bitnami/apache2/conf/server*
  • Open port 443 in the server firewall. Refer to the FAQ for more information.
  • Restart the Apache server.

You should now be able to access your application using an HTTPS URL.

How to Restart Apache2 in Bitnami

sudo /opt/bitnami/ctlscript.sh restart apache

How To Install The WP Encrypt Plugin For Let’s Encrypt Certificate Generation?

Install the WP Encrypt plugin as follows:

  • Log in to your server console.
  • Create a directory for the Let’s Encrypt data:
  • sudo mkdir -p /opt/bitnami/apps/wordpress/letsencrypt/live
    sudo chown -R bitnami:daemon /opt/bitnami/apps/wordpress/letsencrypt
    sudo find /opt/bitnami/apps/wordpress/letsencrypt -type d -exec chmod 0775 {} \;
    sudo find /opt/bitnami/apps/wordpress/letsencrypt -type f -exec chmod 0664 {} \;
  • Edit the /opt/bitnami/apps/wordpress/wp-config.php file and add the line below to the end of the file. Save the changes.
  • define(‘WP_ENCRYPT_SSL_CERTIFICATES_DIR_PATH’, ‘/opt/bitnami/apps/wordpress/letsencrypt/live’);
  • Log in to your WordPress dashboard.
  • Select the “Plugins -> Add New” option.
  • Type “wp encrypt” in the search box.
  • Install the “WP Encrypt” plugin by clicking the “Install Now” button.
  • WordPress plugin installation
  • Once installed, click the “Network  Activate” button to activate the plugin.
  • On the “Settings -> WP Encrypt -> Account Settings” page, enter the organization name, country name and country code. These values are required to generate a certificate. Click “Save Changes” to save the settings.
  • WordPress plugin installation
  • Click the “Register Account” button to register an account with Let’s Encrypt.
  • WordPress plugin installation
  • Once the account has been successfully registered, click the “Generate Certificate” button to generate the actual certificate.
  • WordPress plugin installation
  • If Generate Certificate is showing error to generate the certificate wait for 24 hours.
  • Restart Apache2 in Bitnami
    sudo /opt/bitnami/ctlscript.sh restart apache

Leave a Reply

Your email address will not be published. Required fields are marked *