Adding an SSL Certificate to the One-Click WordPress Image

December 1, 2014 4.4k views


I've recently setup a WordPress using the One-Click image that DigitalOcean offers. I already have my domain pointed to it but I'm having an issue in finding the right information on how to add an SSL certificate to it.

Both my domain and SSL Certificate are from Namecheap as I got them in the GitHub Student Pack. Note that on the Namecheap Control Panel the SSL Certificate is PositiveSSL.

How would I go about creating and then adding my SSL Certificate?

1 comment
4 Answers

The Wordpress image is a fairly stock apache configuration. To set up SSL you will first need to create a directory to keep your certificate and key and generate the csr that your certificate authority will use to generate your new certificate.

sudo mkdir /etc/apache2/ssl

openssl req -new -newkey rsa:2048 -nodes -keyout /etc/apache2/ssl/server.key -out /etc/apache2/ssl/server.csr

You will be asked several questions, your answers to which will be used to generate your new certificate. Make sure that the common name you provide is the FQDN that your site will be using.

You will need to provide the "server.csr" file to your certificate authority and when you receive your certificate you can copy it into a new file called: /etc/apache2/ssl/apache.crt

Once this is done you will just need to configure apache to use your new certificate. You can find details on this in steps 3-5 of this tutorial.

by Justin Ellingwood
The Apache web server is the most popular way to serve content on the web. If you need to communicate with your site visitors over a secured connection, setting up a TLS or SSL certificate will enable you to encrypt traffic. In this guide, we'll discuss how to create a self-signed SSL certificate on Ubuntu 14.04 and use it with Apache to encrypt traffic.
  • It still isn't working. The tutorial you linked me is asking me to give apache both a .crt and a .key but I only have a .crt and a .ca-bundle provided by Namecheap.

The key file was generated in /etc/apache2/ssl when you generated your csr. You can include the ca-bundle by adding the following line to your configuration:

SSLCertificateChainFile /etc/apache2/ssl/

  • I have my SSH Certificate working and my Apache2 will actually restart. However, when I set my WordPress to use HTTPS rather than HTTP, my mainpage still uses HTTP but my admin control panel uses HTTPS and I am unable to access the page. Is there anyway to fix that?

I know that this is a few months old, but I thought I'd chime in.

In the WP Dashboard, go to general, and update your site's domain names to reflect https instead of http.

Next, go install wp-force-https and every site will use https instead of http. This will also kick users who may type http in the address bar over to https.

OK, I'm stuck...I followed the tutorials here and I can restart Apache and it's loading the default-ssl.conf page.

I changed my site address in config.php like this:

define('WPHOME', '');
SITEURL', '');

Now if I go to, I just get redirected to

Firefox indicates that the site is NOT secure.

If I had this to .htaccess:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$$1 [R,L]

And I go to, Firefox indicates the site IS protected (I can see the little green lock) BUT the site won't load - it gives me a message about how the site was redirected too many times and advises me to clear my cookies (that didn't work).

I'm at the five-yard line - any advice on how to finish this?

Have another answer? Share your knowledge.