Question
Wordpress One Click Install - How can I get SSL working?
I have a Wordpress site running at http://kinuenagata.com and I’m trying to get SSL to work on it but with no avail. I set up the site using the Wordpress One Click installation on Ubuntu option when I created my droplet.
FYI: I originally set up the droplet using another domain and changed it, more info on that at the end.
Here’s what I’ve done:
First I got an SSL certificate
- Generated a CSR based on the instructions here in the section under Generate a CSR and Private Key (For common name I used “www.kinuenagata.com”
- Purchased it through dynadot, where my domains are registered
- Received the certificate as text, not as a download, so I used nano on SSH to create a .crt file and pasted the certificate text into it and saved it. (I received an AlphaSSL certificate with no intermediate certificate)
- Moved the .csr .crt and .key files into /etc/apache2/ssl after creating the directory.
Next I tried to set up the SSL certificate on the Digital Ocean server
- Made a backup and modified the “000-default.conf” file as per the same instructions as earlier (Using the steps in the “Install Certificate On Web Server” under the “Apache” section)
It now looks like this:
# Added to mitigate CVE-2017-8295 vulnerability
UseCanonicalName On
<VirtualHost *:80>
ServerName kinuenagata.com
Redirect permanent / https://kinuenagata.com/
</VirtualHost>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName kinuenagata.com
ServerAlias www.kinuenagata.com
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/www.kinuenagata.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/www.kinuenagata.com.key
DocumentRoot /var/www/html
<Directory /var/www/html/>
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
- Enabled the Apache SSL module with
sudo a2enmod ssl
- Restarted Apache with
sudo service apache2 restart
And the current result is that it doesn’t work
- If I try going to either https://kinuenagata.com or https://www.kinuenagata.com, I get “ERRSSLPROTOCOL_ERROR”
- I tried testing the site on SSL Labs and it says “Assessment failed: No secure protocols supported”
Something that may be affecting this
The droplet was originally created using the Wordpress One Click install with the domain name of kinucommunication.com (not kinuenagata.com).
I found instructions online about how to change the domain name of the wordpress site here, which basically said to go to the functions.php file of my theme and then add:
update_option( 'siteurl', 'http://example.com' );
update_option( 'home', 'http://example.com' );
And then after it finishes remove that from the php file and you’re done.
I bring this up because I have some reservations about this method, even though it is suggested by Wordpress.org itself. The reason being that when I log into the server via SSH, I’m logged in as root@kinucommunication.
Also, when I tried using certbot as suggested on the Wordpress One Click install information page (even though I’m not looking to use Let’s Encrypt), it didn’t work. And I got this prompt:
Which names would you like to activate HTTPS for?
1: kinucommunication.com
2: www.kinucommunication.com
Which is based on the original domain name that I set before changing it.
Let me know if you need more details
I really hope to get everything set up correctly!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×