Is your WordPress website still not showing a green padlock even after installing SSL certificates? Don’t panic – there’s usually an easy fix!
This tutorial applies to both the Bitnami and Click-to-Deploy configurations of WordPress on Google Cloud.
In this tutorial you will learn about the most common reasons why your SSL certificates aren’t working properly, and how to fix them.
Before getting started with this tutorial, you should have already completed an SSL certificate tutorial.
Top 3 Causes of SSL Errors:
1. Mixed Content Errors
If your webpages aren’t loading securely after installing SSL certificates, it may be due to mixed content errors.
If your website is loading with https:// but with an symbol instead of a symbol, it may indicate a mixed content error (as seen in pictures below). Here’s how to identify and fix mixed content errors:
2. Certificate Command Errors
The SSL tutorials on onepagezen.com use 1pagezen.com or YOURDOMAIN.com as placeholders in all of the certificate commands. As you go through the tutorials, you’re expected to replace the placeholder domain with your own domain names.
This being the case, it’s possible that you forgot to replace the placeholder domain with your own domain name. This would mean the certificates would be issued for the placeholder domain instead of for your own domain name.
If you believe you’ve made this mistake, you will need to re-issue the certificates according to the tutorial, but with the correct domain name.
3. Improper DNS Configurations
Before getting started with either the Bitnami or Click-to-Deploy SSL tutorials, you need to have already completed a tutorial to Deploy WordPress on Google Cloud and Configure a Domain Name on Google Cloud.
The SSL tutorials are configured based on the WordPress and DNS tutorials below. For this reason, make sure your WordPress and DNS configurations are at the very least similar to the configurations demonstrated in the tutorials below.
Deploy WordPress
Click here to learn about the differences between the Bitnami and Click-to-Deploy versions of WordPress on Google Cloud.
Configure a Domain Name
Did it Work?
Did you find these tips helpful?
Were you able to fix an existing problem with your SSL certificates?
If you have any questions or comments, please post them below!
Thanks,
Chris says
Hi Joe,
Thanks so much for your great tutorials. I’m on to my second website with my limited web programming skills!
I have a mixed content error that is related to an image that should have been imported and be available when I installed a theme, but it’s missing. I don’t need the image, but I can’t figure out how to locate where it is supposed to be and delete the reference to it. Can you tell me more about how to ” locate where the image file is embedded”?
Leron Amin says
Hi Chris,
You should be able to see the photo in your WordPress media browser. From there you have the option of deleting it, then re-uploading it, to ensure it get’s the https-prefix prepended to it.
Let me know if you have other questions,
Joe
DonM says
Hi, I messed by forgetting to include ‘www.mywebsite.com’ in the name config files step. Please help
Leron Amin says
Hi DonM,
Just add it to the file now, then restart the server.
Let me know if you have questions,
Joe
Miracle says
How to remove ssl certificate my wordpress from Google cloud
Leron Amin says
Hi Miracle,
You can do this by working backwards through whichever tutorial you used to install the SSL certificates.
Let me know if you have questions,
Joe
Antrima Mandhan says
Hi,
I have deployed wordpress and also installed SSL certificate now my website URL is redirecting to https however I haven’t made any changes in wordpress general settings. Now i am trying to login to my wordpress admin panel it says this page isn’t working, it redirected you too many times. ERR_too_many_redirects
Leron Amin says
Hi Antrima,
This typically happens when you have multiple redirect in your Apache configuration. For example, when you manually add a redirect in your configuration file, and then you add an additional redirect through a script (such as certbot).
To fix this error, you need to track down and remove one of the redirects, then restart your Apache server. If you need additional help with this process, I will need to know more about which application you’re running on your VM (Bitnami WordPress, for example).
Talk to you soon,
Joe
majda says
hey, how can we track down.?
Themba.N says
Hi there,
These tutorials mean everything to us beginners, please keep up the good work. We really appreciate it.
āI’ve got an issue with my SSL certificate I get the following warning:
Warning: Potential Security Risk Ahead
Tor Browser detected a potential security threat and did not continue to 35.202.193.151. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details.
After going through this tutorial I think it has to do with an improper dns configuration, I was hoping you could help.
I’m running a (Click to deploy) WordPress instance on GCP that I’ve made into a multisite, I am now struggling with the step of changing the URL on WordPress (It’s still displaying as the IP), I can not do it in the settings (It doesnāt give me the option to) and I’ve tried to define it on the wp-config file and in phpmyadmin and still it’s displaying as the IP address. Iāve even tried a domain mapping plugin, but that only works on the new sites I create and not the main website.
I’m not sure how to do this. I believe if I can fix this, it should resolve the issue with my SSL certificate.
I also have a question around how I configure the SSL for subdomains in a multisite?
Leron Amin says
Hi Themba,
Thanks for the great feedback – I’m glad the tutorials have been helpful to you.
Configuring WordPress Multisite can oftentimes be a bit of a challenge. Are you using Bitnami’s WordPress Multisite solution? If so, I recommend checking out their configuration documentation here – as this will instruct you how to configure multisite for multiple domains.
Once you have all of the domains configured, follow these instructions for configuring SSL.
Good luck, and let me know if you have questions!
Joe
Allan says
I’ve replaced all the images and links with https and http://www.sslshopper.com shows nothing wrong with my SSL certificate. But my site is still getting the message “Your connection to this site is not fully secure”. Do you know what’s wrong here?
Leron Amin says
Hi Allan,
That sounds like a mixed content error.
Mixed content errors occur when your site is using a valid SSL certificate while also loading unsecured content.
You can read more about mixed content errors and how to fix them by following the instructions in this tutorial.
Let me know if you have additional questions,
Joe
Alejandro says
Hi
nice tutorial thanks!
Leron Amin says
Glad you found it helpful, Alejandro – thanks for the feedback!
alejandro says
Hi and thanks for you great tutorial, i have an issue now I canĀ“t acces to my website with the domain and in the sslchecker I get “No SSL certificates were found on doamain.com. Make sure that the name resolves to the correct server and that the SSL port (default is 443) is open on your server’s firewall”.
I follow the 2 before tutorials (https://onepagezen.com/free-ssl-certificates-wordpress-google-cloud-click-to-deploy/) latest and https://onepagezen.com/free-ssl-certificate-wordpress-google-cloud-click-to-deploy/ but i canĀ“t solve it. I can get acces to my site if i change the wordpressite url with http://ip
in error.log server certificate does NOT include an ID which matches the server name
i try it to solve comment out in wordpress-le-ssl.conf but doesnĀ“t work. could yoou help me please
Leron Amin says
Hi Alejandro,
From the Google Cloud sidebar menu, navigate to Compute Engine > VM Instances. Then, from here, click on the VM Instance that’s running your website, and click the “Edit” button at the top of the page. From here, make sure the box for “Allow HTTPS traffic” is checked (this is towards the bottom of the page).
Let me know if you have any other questions!
Joe
Emmanuel Dotsey says
Hello,
I was installing the SSL for my WordPress site but got a liitle ahead of myself and forgot to change the domains 1pagezen.com -d http://www.1pagezetp my domain name.
How do I fix this?
Can I uninstall this and reinstall?
Thanks for your help.
Best,
Emmanuel.
Leron Amin says
Hi Emmanuel,
Try re-issuing the certificate issuing command using the correct domain names, and see if it prompts you to overwrite the existing certificate files.
Try it and let me know how it goes,
Joe
BIPIN says
Hello,
Very nice tutorial.
I gone trough this tutorial to install ssl on https://indifests.com
I have checked all steps.
i done it right.
but now the site is not working.
SITE CAN NOT BE REACHED
ERR_CONNECTION-ABORTED
THIS IS THE ERROR I GOT.
Leron Amin says
Hi Bipin,
It looks like you were able to fix your website. What exactly was the issue?
Talk to you soon,
Joe
Bipin Kumar Tulo says
Hello Sir,
Yes i found the solution in the comments.
The issue is i have not allowed https request at the instant side.
I read all the comments in this post and able to do that.
Thank you so much for the awesome guidance.
Can you tell us how you setup mail in the click to deploy wordress.
i seen you mail is coming with a profile picture.
Leron Amin says
Hi Bipin,
Thanks for the update! This is a common issue that users encounter, but luckily it’s easily resolved.
For mail, I’d recommend using Zoho (view the setup tutorial here) – which costs a dollar per month. It’s possible to configure a completely ‘free’ solution by using workarounds, but in my opinion it isn’t worth it as you end up sacrificing time and convenience.
Let me know if you have any questions!
Thanks,
Joe
Kushal says
After installing the SSL following the video, i am getting error “YOUR CONNECTION TO THE SITE IS NOT SECURE”
After checking on https://www.sslshopper.com/, i got this response. ->
The certificate is self-signed. Users will receive a warning when accessing this site unless the certificate is manually added as a trusted certificate to their web browser. You can fix this error by buying a trusted SSL certificate
None of the common names in the certificate match the name that was entered (www.ofhrs.com). You may receive an error when accessing this site in a web browser. Learn more about name mismatch errors.
Common name: http://www.example.com
Organization: Bitnami Org. Unit: Certificate generated at boot time
Valid from May 8, 2019 to May 5, 2029
Serial Number: 9698174611658999677 (0x8696d66d19a5877d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: http://www.example.com
Leron Amin says
Hi Kushal,
This means that the server isn’t recognizing the correct certificate. In this case, I would recommend referring back to your Apache configuration file (bitnami.conf for Bitnami, or wordpress.conf for Click-to-deploy).
Once inside of the file, make sure that you added the Let’s Encrypt SSL certificate and then commented-out the snakeoil/placeholder certificates.
Hope this helps and let me know if you have any questions,
Joe
Atif says
Leron, You share nice tips in your blog thanks
SALAUDEEN ALADE says
Dear Admin,
Many thanks for all the wonderful tutorials you have here, but unfortunately after completing the configuration steps as listed in your tutorial for ONE CLICK DEPLOY WP, and I tried to navigate to my WP-ADMIN to add S to the HTTP, my site stops loading and I keep getting the below error;
NET::ERR_CERT_AUTHORITY_INVALID
Kindly support to rectify this as i am clueless on what to do.
Leron Amin says
Hi Salaudeen,
This generally means the certificate was configured incorrectly. In this case, I would recommend going through the tutorial (and comments section) and check for any things you may have missed.
Let me know if you have questions,
Joe
Jeremy says
This did not work for me, I get an error saying /var/www/html/ does not exist in the 3rd step on regular click to deploy
Leron Amin says
Hi Jeremy,
Make sure that youāre using the Click-to-deploy version of WordPress on Google Cloud. If youāre using the Bitnami version of WordPress on Google Cloud, the webroot will be different from /var/www/html. If youāre using neither Bitnami or Click-to-deploy, itās possible your webroot is completely different from either of the two.
To investigate further as to whether /var/www/html/ exists, you can run the following command in the terminal to change directories and get an understanding of your applicationās directory structure.
Or run the following command to see if the /var directory exists, and if so, what it contains:
Hope this helps, and please reach out if you have any questions,
Joe
HENRY ESPINOSA says
Hi, I’m trying to install an ssl certificate, but I get an error. I have installed wordpress multisite for deploy. Can you help me.
Thank you
Leron Amin says
Hi Henry,
Please provide details of the error. Also, feel free to post the question in the WordPress Cloud Hosting Support Group for a faster response.
Thanks,
Joe
ved says
Hello,
I am not getting lock icon after installing wordpress theme , previous i am getting , Also not getting inspect bottom .
Leron Amin says
Hi Ved,
Check your domain with SSL Shopper to verify that server is displaying the correct certificates. Also, I am not sure what you mean by ‘Also not getting inspect bottom’.
Talk to you soon,
Joe
Ved says
Thanks working , in safari not getting inspect when Right Clik to find mixed content error , I used google chrome .
Pleas help on expiry of SSL . Showing expire in six month so this will renew auto or need to renew again . Why will be process .
Thanks
Leron Amin says
Hey Ved,
You first have to enable the Safari develop menu. After it’s enabled, you can right-click anywhere on the page and select ‘Inspect element’ in order to toggle the inspect window.
If you think you will be doing a lot of development in the near future, I’d recommend switching to either Firefox or Chrome, as they both have a more advanced ‘developer tools’ interface.
Let me know if you have any questions,
Joe
Ved says
Thanks for valuable suggestions,
Also please let me know ssl will auto renew as for now showing exp in Dec , I already run auto renew commands .
Leron Amin says
Hi Ved – the auto-renew command will only execute if the certificates are set to expire within 30 days. You can set up the certificates to auto-renew by following this tutorial here.
Ved says
Thanks …
John says
Thanks for the great tutorial.
I’m getting a HTTP Error 500. When I restart everything goes smooth, syntax is ok too.
Leron Amin says
Hi John,
Unfortunately, there is no easy way to fix 500 errors, you just have to get a feel for your system and know which things to check first. My general process when facing is as follows:
Is my DNS configured correctly? Does the IP address of my VM match the IP of the A record assigned to my domain in CloudDNS?
What do the error logs show? For Click to deploy, check your Apache2 by executing:
For Bitnami:
For both Bitnami and Click-to-deploy, I would also check the other log files to see if you can find any traces of the error. Also – for Bitnami – check out this troubleshooting guide.
Lastly, check out Stackoverflow for additional resources.
Hope this information helps and let me know if you have any questions,
Joe
John says
Thanks Joe, I’m gonna keep looking for a solution.
Here is my error log: https://pastebin.com/NLesiELn
Leron Amin says
Sounds good John,
I don’t see anything unusual in those log files.
Please keep me posted as to whether you’re able to find a solution.
Thanks,
Joe
Yunus says
Hi,
You are the king man
I have a big problem about SSL certificate, I followed everything in the process but my certificate is showing error which is against sanalhukuk.net It shows example.com that is why SSL is broken
Leron Amin says
Hi Yunus,
The example.com certificate is the ‘placeholder’ certificate.
This means that you likely didn’t add the new SSL certificate file paths to your bitnami.conf or wordpress.conf file (depending on if you’re using Bitnami or Click-to-deploy, respectively).
I would go back to the step in the tutorial where you add the certificate file paths to the .conf file, and make sure that your syntax is correct.
Hope this helps and let me know if you have any questions,
Joe
faresh sheikh says
hey bro , it shows your ssl cert expired . then i tried with auto renew process but still it shows the same
Leron Amin says
Hey Faresh,
You need to restart Apache after finishing with the renew process.
Let me know if you have any questions,
Joe
MOHAMMED FARESH SHEIKH says
* DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates below have not been saved.)
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/iqrainnovators.com/fullchain.pem (success)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates above have not been saved.)
——————————————————————————-
Syntax OK
/opt/bitnami/apache2/scripts/ctl.sh : httpd stopped
/opt/bitnami/php/scripts/ctl.sh : php-fpm stopped
/opt/bitnami/mysql/scripts/ctl.sh : mysql stopped
/opt/bitnami/mysql/scripts/ctl.sh : mysql started at port 3306
/opt/bitnami/php/scripts/ctl.sh : php-fpm started
Syntax OK
/opt/bitnami/apache2/scripts/ctl.sh : httpd started at port 80
After syntax is ok I am getting all this msg is it fine or something have gone wrong ??
MOHAMMED FARESH SHEIKH says
It’s done !! Thanks alot bro !! It was a great help
Jeremy says
This site has saved me the most important thing I have in life besides my family… My Time! This site is a gold mine of time saving info. Very Much appreciated!
Leron Amin says
Glad to hear it, Jeremy – thanks for the feedback!
Ronnie says
Great Tutorial! I didn’t know how to get the green lock icon. You fixed all my problems! Thank you for taking the time to share your knowledge.
Leron Amin says
Glad to hear it – thanks for the feedback Ronnie!
Talk to you soon,
Joe
Ela Sant says
Hey,
I love your tutorials. But I may have messed up a step or two. The SSl server Test tells me that there is a Name Mismatch. How can I correct this?
Leron Amin says
Hi Ela,
Thanks for the feedback! š
I will take a look if you either send me your domain name or copy and paste the message that the SSL test is showing.
Talk to you soon,
Joe
Ela Sant says
Hey Leron,
I just started the tutorial over and was able to get it working. Now, I have another domain that will be directed to the one where I installed the Cerbot SSl. Can I add the SSl certificate to that domain too ?
Leron Amin says
Hi Ela,
If you’re simply forwarding the domain, you can do that at your domain name provider and don’t have to configure SSL.
If you’re trying to serve your website’s pages from the other domain, you will indeed have to configure SSL for that domain.
Let me know if you have any questions,
Joe
Heang says
I tried the last 3 things
sudo a2ensite default-ssl
sudo a2enmod ssl
sudo service apache2 restart
I got this message when trying to restart apache server.
Job for apache2.service failed. See ‘systemctl status apache2.service’ and ‘journalctl -xn’ for details. Please advice.ļ»æ
Leron Amin says
Hi Heang,
Check out these instructions that I sent to Cierra for instructions on how to fix this problem.
Let me know if you have any questions,
Joe
Heang says
Thanks Leron for your reply. I think I duplicated many certbots for the same domain. I tried to delete it, but I can’t find it the directory. Now I can’t even fix it although trying to follow your earlier instruction sent to Cierra. Really appreciated for your help.
Leron Amin says
Hi Heang,
Were you able to get it to work?
In both of the tutorials, the Certbot installations are located in your home directory. You can view them by executing the
cdcommand immediately after connecting to SSH.Hope this information is helpful, and let me know if you have any questions!
Joe
Heang says
Hi Leron, it didn’t seem to help. I couldn’t do anything about it. As I re-install the certbot, I get warned that my domain has been certified many times already and I can’t even renew the certbot. Thanks
Leron Amin says
Hi Heang,
Unfortunately there is no way to bypass this. Check out this page for additional information about the rate limits, such as how long you have to wait before they expire.
Hope this helps,
Joe
Heang says
Hi Joe, below is the message I got when I try to re-install my certbot:
n unexpected error occurred:
There were too many requests of a given type :: Error creating new cert :: too many certificates already issued for exact set of domains: golocalplace.com,www.golocalplace.com: see https://letsencrypt.org/docs/rate-limits/
Please see the logfiles in /var/log/letsencrypt for more details.
IMPORTANT NOTES:
– Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
I couldn’t find certbot this /etc/letsencrypt/.
Ryan says
Hi Leron, thank you for these tutorials. They are super helpful.
I’m stuck on figuring out how to get the green SSL padlock. After going through several things to try and fix, it’s still not showing the green padlock. The site is drycreeklake.com.
Any help is much appreciated.
Thanks
Leron Amin says
Hey Ryan,
It appears to be a simple ‘mixed content’ error.
I go over ‘mixed content’ errors and how to fix them in step 1 of this tutorial.
Let me know if you have any questions,
Joe
Jigar says
Hi, Thank you for the help.
In my case ‘Mix content'(images) are not in widget or posts but i can see it in media library, but there wp wont allow me to change link š
Also let me know how to update default website link to my domain instead of google cloud IP url.
Hope it makes sense
Leron Amin says
Hi Jigar,
Did you update your WordPress URLs after making the changes?
If not, this is likely what’s causing the error. Are you using Bitnami or Click-to-deploy?
Talk to you soon,
Joe
Omar Cortes says
Hello, i could not get the green secure text, i made all the steps, i’ve found out that there seems to be mixed content, but when i try to fix the route of the images they seems to be okay in my wordpress settings.
If you inspect my site: decen.com.mx you will see the not secure red text and the mixed content but if you open one of the mixed content links they redirect the url to https and show them as secure…
you can try this one http://35.184.124.178/wp-content/uploads/2018/05/logo-.jpg
Cant find out how to fix it.
Thank you!
Leron Amin says
Hey Omar,
Check out this comment that I just posted for Jonathan here.
One of the things I talk about is changing your domain URLs and changing the permalink format to post-name in order to ‘reset’ your URLs.
If neither of the solutions that I proposed to Jonathan work properly, the other thing that you can do is to run an SQL query in phpMyAdmin to find and replace all of your old URLs from your IP into your domain name.
Let me know if you’re able to get the problem resolved.
Joe
Damien says
Hello,
Please I just encountered an error on my site : and on my browser they say :
Your connection is not private
on Mozilla the error code is : SEC_ERROR_UNKNOWN_ISSUER
It seems like Let’s encrypt’s certificates have an Issue but when I get to your website,
I cannot access the website since the same issue occures there, please what can I do to resolve this issue ?
Leron Amin says
Hi Damien,
Could you tell me more about the error that you’re seeing? Are you also seeing this error when you visit onepagezen.com?
Also, there doesn’t appear to be an issue with your SSL for doumer.me – so I’m not sure what the issue is.
Thanks for the additional information, and I look forward to hearing from you soon,
Joe
Damien says
The error which I’m seeing is : “Your connection is not private” Presumably, my ssl certificates where not found. my website is https://doumer.me
I don’t see it on onepagezen.com, sorry I meant to say It appears also when I go to https://community.letsencrypt.org/ to find a solution to the issue.
Please do you have any advice ?
Leron Amin says
Hi Damien,
Your browser is likely showing you a cached version of the page with improperly configured certificates.
I don’t see any errors when I view your page in Chrome, and your SSL is showing as being properly configured here. So don’t worry about it.
Let me know if you have any questions,
Joe
Damien says
Hi, Please can you advice me on what to do ? As you said, the tests for certificates are passed by my site, but;
I still have the privacy error, and I don’t know why, a few people told me they experience that error too when visiting my site.
Here is the message chrome shows me:
This server could not prove that it is doumer.me; its security certificate is not trusted by your computer’s operating system. This may be caused by a misconfiguration or an attacker intercepting your connection.
It does so not only on chrome, but all my browsers
Leron Amin says
Hi Damien,
I don’t see any problems with your SSL configuration. I tested in in Edge, Chrome, and Firefox – and none of them showed any errors with your SSL certificates.
As I mentioned before, this is likely a cache issue with your web browser, which is still loading the old certificates instead of the new ones. Try using a Proxy service to view your website in order to bypass your browser’s behavior of displaying the cached version of the page.
Hope this information helps,
Joe
John says
Firstly, Thanks For Helping Newbie’s like me With Your Tutorials.
I Have Completed All Steps Succesfully But I’m Facing Some error at the Final step which is
AH00526: Syntax error on line 9 of /opt/bitnami/apache2/conf/bitnami/bitnami.conf:
ServerAlias only used in
apache config test fails, aborting
Monitored apache
not redirecting to ssl secure connection
I Need a Solution for this error, Please help me…
Leron Amin says
Hi John,
There is a syntax error on line 9 of your bitnami.conf file, on the line with ServerAlias.
I would recommend going back through the tutorial and checking for errors (see step 6).
Let me know if you have any questions,
Joe
Jassal jimmy says
Hello! one | page | zen
Will you help please
I did not able to redirect on my
great-answer.com
But able to redirect on https://www.
Www after instalation ssl .
Thanks for the awesome support.
Leron Amin says
Hi Jimmy,
Your redirect to www appears to be working fine and your certificates appear to have been configured correctly.
Great job and let me know if you have any questions,
Joe
Mukh says
Hey Leron, thanks for all tutorial about gcp configuration..
about https problem “not scure” on address bar happen to me..
I’ve 2 domain installed wordpress in 1 instace on my GCP cloud.
A. First I tray to install letsencrypt on domain1.com:
Generate certificate command:
./certbot-auto certonly –webroot -w /var/www/html/wp/domain1 -d domain1.com -d http://www.domain1.com
1. root wordpress /var/www/html/wp/domain1
2. /etc/apache2/sites-available/default-ssl.conf
I’ve added :
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
and added
SSLCertificateFile “/etc/letsencrypt/live/domain1.com/cert.pem”
SSLCertificateKeyFile “/etc/letsencrypt/live/domain1.com/privkey.pem”
SSLCertificateChainFile “/etc/letsencrypt/live/domain1.com/chain.pem”
3. /etc/apache2/sites-available/wordpress.conf
When Installed wordpress , I am using manual install, in this case I don’t find file wordpress.conf in this directory, I try to create file “wordpress.conf” manually and I’ve added only this code:
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ServerName http://www.domain1.com
ServerAlias domain1.com
Redirect permanent / https://www.domain1.com/
4 . Run this commad:
sudo a2ensite default-ssl
sudo a2enmod ssl
sudo service apache2 restart
5. update wordpress URL and then https://domain1.com works well with green secure in address bar.
B. Next I tray to install letsencrypt on domain2.com:
Generate certificate command:
./certbot-auto certonly –webroot -w /var/www/html/wp/domain2 -d domain2.com -d http://www.domain2.com
1. root wordpress /var/www/html/wp/domain2
2. /etc/apache2/sites-available/default-ssl.conf
I’ve only added :
SSLCertificateFile “/etc/letsencrypt/live/domain1.com/cert.pem”
SSLCertificateKeyFile “/etc/letsencrypt/live/domain1.com/privkey.pem”
SSLCertificateChainFile “/etc/letsencrypt/live/domain1.com/chain.pem”
//this text below domain1.com
SSLCertificateFile “/etc/letsencrypt/live/domain2.com/cert.pem”
SSLCertificateKeyFile “/etc/letsencrypt/live/domain2.com/privkey.pem”
SSLCertificateChainFile “/etc/letsencrypt/live/domain2.com/chain.pem”
3. /etc/apache2/sites-available/wordpress.conf
When Installed wordpress , I am using manual install, in this case I don’t find file wordpress.conf in this directory, I try to create file “wordpress.conf” manually and I’ve added only this code:
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ServerName http://www.domain1.com
ServerAlias domain1.com
Redirect permanent / https://www.domain1.com/
ServerName http://www.domain2.com
ServerAlias domain2.com
Redirect permanent / https://www.domain2.com/
4 . Run this commad:
sudo a2ensite default-ssl
sudo a2enmod ssl
sudo service apache2 restart
5. update wordpress URL and then https://domain2.com works well with green secure in address bar but not automaticly resdirect when I only type domain2.com. must type https://domain2.com manually, green secure appeared.
6. After installed letsencrypt on domain2.com . When I access domain1.com, automaticly redirect to https://domain1.com with red “not secure” on address bar.
Privacy error page:
err_cert_common_name_invalid
Subject: domain2.com
Issuer: Let’s Encrypt Authority X3
Expires on: Jul 16, 2018
Current date: Apr 18, 2018
Can you help me with this problem?
Leron Amin says
Hello Mukh,
This is not the correct way to install 2 domains on 1 VM instance.
The correct way is to choose a primary domain for your website, and then you can add the second domain to your certificate and configure everything just as you would in the tutorial. The only difference will be this command (notice there are directives for both domain1 and domain2):
Let me know if you have any questions,
Joe
Nishant Lamichhane says
http://35.185.146.114 brings http://www.lamicane.com with ssl enable while entering http://www.lamicane.com won’t show ssl.
Leron Amin says
Hi Nishant,
You need to configure the redirects in your bitnami.conf or wordpress.conf or htaccess file – depending on which stack you’re using.
I go through these steps in each SSL tutorial (step 6 for Bitnami). If your DNS and redirects are configured properly, your site will automatically redirect to the https version of the site when you try to access it via external IP. So I would retrace your steps through the SSL tutorial and domain name configuration tutorial and make sure you’ve configured everything properly.
Hope this helps,
Joe
Nishant Lamichhane says
Thanks Joe, it is now working.
Leron Amin says
Great – I’m glad to hear you got it working! š
Bill says
Does this work with cloudflare? I have my site on it and I’m trying to run this but unfortunately I just get a bunch of redirect errors.
Leron Amin says
Hi Bill,
To use the CloudFlare CDN you have to use their nameservers, which involves additional configuration that I don’t cover in any of my tutorials. That being said, I think CloudFlare offers their own SSL solution (as a plugin) that might be worth looking into.
As I mentioned before, configuring your website with CloudFlare is easier said than done, and unfortunately I don’t offer support on the subject.
If you’re able to get it working, let me know how it goes – I would love to hear about it!
Talk to you soon,
Joe
Vijaya Laxmi says
1st of all thanks for the great tutorial. here i am also facing issue while adding cloudfare too add in google domain. previously i am using godaddy hosting with cloudfare but now i am moving google cloud. by updating google name servers in cloudfare dash board will run my flow smoothly or will face any problem please help me out from this situation.
server name : https://www.ulaska.com/
presently using cloud fare name servers here.
Leron Amin says
Hi Vijaya,
If you change your Clouflare nameservers to Google your website will break.
To use Cloudflare you must use their nameservers.
Hope this answers your question,
Joe
Tejeshwar says
Thanks for the great Tutorials.
problem 1:
ServerName http://www.onepagezen.com
ServerAlias onepagezen.com
Redirect / https://onepagezen.com/ (Here I prefered naked domain)
this is only 302 redirection, how can I make it 301.
this also causing multiple redirections .
example: when I type https://onepagezen.com first its redirecting to https://onepagezen.com and then to https://onepagezen.com.
Please tell me how to solve this problem.
problem 2: My website is accessible by both IP address and domain. Please give the code that sovles both the issues.
Cierra says
Job for apache2.service failed. See ‘systemctl status apache2.service’ and ‘journalctl -xn’ for details.
after going through all the steps at the end I am getting this error when I am doing the restart command.
Leron Amin says
Hi Cierra,
This issue means that there is something wrong in one of your configuration files, probably a syntax error.
Try running the commands sudo apache2ctl configtest or sudo journalctl | tail
Either one of those commands should display an output that shows which file contains the error.
Let me know if you have any questions,
Joe
Cierra says
Fixed…. now Iām running into an issue with WP Muli-site. Can I generate the certificate for 3 different domains and it will work?
Leron Amin says
Yes – you can generate a single certificate and list all 3 of the domains in the certificate, including their www. and non-www. variations.
Cierra says
root@wordpress-6-vm:~# sudo service apache2 restart
Job for apache2.service failed. See ‘systemctl status apache2.service’ and ‘journalctl -xn’ for details.
this is what I am getting after using the restart apache 2 command.
Heang says
I have that same problem but no yet be able to solve yet. Did you happen to find out any solution?
Isabel Da Guerra says
Hi Leron,
My main website – Premium theme and plugins are sort of jammed.
I can’t register a plugin and nearly all plugins and theme are not functioning. I wanted to know if there’s a solution for this ‘freeze’ from your end?
I’ve managed to deactivate and reactivate one by one, including my theme but to no avail. Not sure what’s causing it. It’s not on maintenance mode since I’m able to still login and do my bit, but it’s sort of stuck now.
FYI, I changed the DEBUG command to ‘ true ‘ in the config php:
define( ‘WP_DEBUG’, false );
define( ‘WP_DEBUG’, true );
But now don’t know the path to it… duh?
==================================================
Also, changed the
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
to
ServerName mydomain.com
ServerAlias http://www.mydomain.com
Redirect / https://mydomain.com/
Not too convinced if this ‘name change’ could’ve caused the issue, since I was having problems with some plugins before ‘Sorry, you are not allowed to access this page.’
I see now it’s got worse… something is definitely triggering it not to work now. Ugh!!
Any help will be great… I’m still browsing through the web for answers too. Thanks.
Leron Amin says
Hi Isabel,
The ServerName and ServerAlias directives are only compatible with the newer releases of Apache, so I would stick with using the rewrite engine. This could very well have caused the problem.
Hopefully changing it back will solve the problem; that being said, I know how complicated things can be come when there are multiple plugin configuration issues! :/
Talk to you soon,
Joe
Isabel Da Guerra says
Thank you Leron for your quick response yet again š
I’ve fixed the issue wooowieee!!! Here are the steps…
STEP 1.
As per your instructions, replaced:
ServerName domain.com
ServerAlias http://www.domain.com
Redirect / https://www.domain.com/
to
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
Then logged in to my WordPress admin but still to no avail… still jammed. I had already ‘some’ issues prior to this change so was convinced that it had to be a plugin or my theme causing this freeze…
STEP 2.
So as per browsing about, I did the following:
Went to my FTP and renamed the ‘plugin’ folder at /opt/bitnami/wordpress/wp-content/plugins/
to
/opt/bitnami/wordpress/wp-content/plugins-old/
to ‘deactivate’ all my plugins…
then renamed ‘plugin-old’ folder back to ‘plugin’ to activate
/opt/bitnami/wordpress/wp-content/plugins/
STEP 3.
Then inside my WordPress admin I activated the default WordPress ‘theme’ too.
STEP 4.
Downloaded current WordPress from wordpress.org to my computer desktop and unzipped it.
Back to FTP, I uploaded 2 folders (wp-admin) and (wp-includes) to
/opt/bitnami/apps/wordpress/htdocs/wp-admin
/opt/bitnami/apps/wordpress/htdocs/wp-includes
STEP 5.
Inside my WordPress admin I reactivated each plugin and tested it one by one to make sure it worked, and deactivated the ones I that had error messages (I’ve contacted x2 the plugin developers for paid versions) but deleted the remainder duds.
Also activated the premium WordPress ‘theme’ as well.
Working!! Phew!
I hope this helps anyone reading this comment and thank you so much for your support Leron. Have a Good day! š
Leron Amin says
Thanks for breaking it down step-by-step; I know that a lot of users (including myself) will find this information very useful.
Also, which plugins were causing the issue (if you don’t mind me asking). Hopefully I’ll be able to avoid them in the future..
Isabel Da Guerra says
Hey hey hey š
When trying to [Activate plugin], I was getting ‘deprecated error warnings’ and ‘Fatal internal server error’
When trying to [Upgrade plugin], I was getting the ‘Sorry, you are not allowed to access this page.’ error.
So this was the status inside… cut story short. Current WordPress updates have really clamped down on security issues.
INTERESTING READ:
https://www.wordfence.com/blog/2018/01/wordpress-supply-chain-attacks/
So if you have any WordPress themes or plugins that do not update regularly as far back as a month, expect it to cause issues. š Test all and make sure they are in fact working.
My current deactivated with issues awaiting support reply are:
1. SEOPressor – On-Page Settings (META Settings, Canonical, 301 Redirect, Robot Rules), LSI Keywords, Social SEO, Schema and Dublin Core Markup
2. And [PayPal AddOn] from FormidablePro plugin
Other plugins were dormant like Link Juicer or from marketers not worth bothering mentioning, because even though they offer lifetime support it basically means, “I’ll be there but not forevaaa ‘cos in all fairness bug fixes costs me more than what you paid for the plugin. Time to go make another plugin now…”
So, I use Envanto marketplace with geeky stuff. Research for top reviews and ‘team’ support – Brainforce for example.
I hope this helps…
Leron Amin says
Hey Isabel,
Thanks for the information!
Interesting mention about the plugins that offer lifetime support, but then don’t offer updates. It sounds like a deceptive business practice, but understandable, especially for low-level plugin authors with limited resources.
Fortunately I don’t use any of the plugins that you mentioned, but I could see how the PayPal plugin not working could be a serious issue.
I will take a look at that article you sent. š
imran hussain says
sir i used click to deploy method to host my website on google cloud and i has followed all the steps you said and everything worked and now i am getting 2 problems.
1. when i try to open my wp admin ( http://indiamoveon.com/wp-admin it automatically become http://indiamoveon.comwpadmin) , http://indiamoveon.com/robots.tx turn to http://indiamoveon.comrobots.txt…these are errors and ( / )symbol automatically vanish everytime.
2.https://onepagezen.com/domain-name-configuration-wordpress-google-cloud/ , as i used click to deploy method and how i will configure domain name.
see my domin not configured https://35.193.100.131
Paul says
Thank you so much for your wonderful tutorials.I managed to install an ssl certificate after following the instructions in your tutorial.
Leron Amin says
Hi Paul,
I am glad you were able to successfully install the SSL certificates!
Thanks for leaving a comment, and feel free to reach out if you have any questions in the future.
Talk to you soon, š
Joe
Dev says
Hey Leron,
don’t we need to make changes to default ssl files under “/etc/apache2/sites-available”?
My DNS is not getting resolved in some browsers.
Leron Amin says
Hi Dev,
I looked at your SSL at it appears to be configured properly. Which browsers are you having issues with?
Talk to you soon,
Joe
Dev says
Yes i followed the version 4 of your SSL tutorial. It is now configured properly. However the problem still persists. On Safari and Mozilla they give an error “Server Not Found”.
On My Cellphone Chrome says
“www.omtradingcorp.com’s DNS address could not be found. DNS_PROBE_FINISHED_NXDOMAIN”
However when i switch to cellular network it is accessible everywhere. Is this my ISP’s issue?
Leron Amin says
Hi Dev,
I tested on Mozilla and Safari and didn’t encounter any issues.
There is a very unlikely chance this issue has to do with your DNS configuration, but more than likely it has to do with your ISP.
Hope this information helps, š
Joe
Dev says
Yep it does. Thank you so much!
Waqas says
Hi Leron,
Thank you for your response, i am facing constant complains from many people experienced Security Warning issue while accessing non-www and it was not auto-directing.
So its better for me to issue non-www certificate , How i can do this can you guide me because when i re-generate certificate i receive this error
IMPORTANT NOTES:
– The following errors were reported by the server:
Domain: justladies.co
Type: unauthorized
Detail: Invalid response from
http://justladies.co/.well-known/acme-challenge/Nd-FaWTyWk1lY7XO2XKYchmzf4BEw1r5lx1qNylO8rQ:
”
<html class="
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
Though everything is perfect & Fine.
Leron Amin says
Hi Waqas,
The best practice is to issue the SSL certificates for both the non-www and www versions of your domain, but to only use either the www-version or the non-www version as your preferred domain.
What was the command that you ran that caused the error?
You can copy and paste it here and I will let you know if I notice any errors.
Also include a link to the SSL tutorial that you are using.
Talk to you soon,
Joe
Waqas says
I tried multiple times these commands
./certbot-auto certonly –webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d justladies.co -d http://www.justladies.co
./certbot-auto certonly –webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d justladies.co
But same error came
I am using this tutorial : https://onepagezen.com/free-ssl-certificate-wordpress-google-cloud-bitnami/
also
https://onepagezen.com/free-ssl-certificate-wordpress-google-cloud-click-to-deploy/
thanks
Waqas
Leron Amin says
Open your a new SSH window and run the following command:
ls
Copy and paste the output in a reply to this comment.
Talk to you soon,
Joe
Waqas says
waqasbriotex@justladies-1-vm:~$ ls
apps certbot-auto certbot-auto.1 certbot-auto.2 certbot-auto.3 htdocs stack
waqasbriotex@justladies-1-vm:~$
Leron Amin says
Hi Waqas,
Thanks for confirming that – everything looks fine.
From what I understand, it is likely a DNS issue.
Check these resources for more information, and see if you can find a solution to the problem; there could be several causes.
Resource 1
Resource 2
Resource 3
If you can’t find the solution to the problem in these threads, let me know and I will help you through it.
Talk to you soon,
Joe
Waqas says
Hi Joe ,
thanks for your resource links , but i am still unable to find any solution. And i am clueless now to resolve this ssl error.
waiting for your response.
Regards
Waqas
Leron Amin says
Hi Waqas,
It appears you may have been successful in re-issuing the certificates based on this.
The only issue now is that your certificates are issued twice for the www-version of justladies.co.
Ideally, you want to issue the certificates with one of each: the www and non-www version of your domain. See example:
So have you been able to re-generate the certificates? Because I don’t remember there being the mismatch error the first time I looked up your certificates.
Talk to you soon,
Joe
Waqas says
Thank you Joe , its working fine now – I regenerated , i dunno what was happening even it was not re-generating ……… however, everything worked out . Thank you for your great support & Response.
Keep it up !!!
Regards
Waqas Qureshi
Leron Amin says
Hi Waqas,
I am glad that you were able to get it working; I guess your persistence paid off!
I am also glad that I was able to be of service!
Best regards, š
Joe
Waqas says
Hi ,
You are doing great job and keep it up.
I am facing ssl error of mismatch name you can view in this image https://monosnap.com/file/cVkyYX1D3wyKOdwSEx8vCrBgzIlzzW ,
I have installed ssl perfectly but it got installed on https://www.justladies.co , whenever someone access site https://justladies.co they got security error due to mismatch name. Please help me to resolve this issue on Google Cloud.
Regards
Waqas
Leron Amin says
Hi Waqas,
Your website seems to be auto-directing to the www-version of your site, so it doesn’t matter that the non-www version of your site (justladies.co) isn’t listed in the certificate.
If you want the non-www version of your site to load securely for some reason, you will need to re-issue the certificates and include the non-www version of your site as an alias in the certificate issuing command.
Let me know if you have additional questions, š
Joe