Free SSL Certificate Setup for WordPress on Google Cloud (Bitnami)
September 15, 2017Leron AminComments Open
IMPORTANT: There is an updated version of this tutorial available here.
In this quick-start tutorial you will learn how to configure free, auto-renewing SSL certificates for WordPress websites that are hosted on Google Cloud Platform compute engine using the Bitnami version of WordPress on Google Cloud Platform.
Go to your Google Compute homepage and click the hamburger menu in the upper left-hand corner.Go to your Compute Engine, then to VM instances to access your WordPress installation.Once inside your Compute Engine, click on the SSH button to connect to your WordPress installation.
2. Install CertBot Client
Now that you’ve connected to your website’s Apache server, you are going to execute the command to install the Certbot client. The Certbot client is used to issue the SSL certificates that will be used later on in this tutorial.
After executing each of these commands, you can either stay in the same SSH window or exit and open a new one.
3. Generate Certificates
In this step you are going to execute the command below in order to tell the Certbot client to create SSL certificates for your website. Remember to replace 1pagezen.com with your own domain name.
After entering these commands, your certificates will be generated. Take note of the directory where your certificates are installed.
Note: Instructions for testing the certificate auto-renew script were moved here.
4. Test Certificate Renewal
Before setting up auto-renewal for your certificates, you are first going to execute the commands below in order to test the auto-renewal function.
./certbot-auto renew --dry-run
If you get a success message, it means that the certificates are renewing properly.
5. Setup Auto-Renewal
Important Notice: The auto-renew configuration instructions outlined in this section are no longer valid. For updated instructions on configuring auto-renewal, click here. Before configuring auto-renewal, you should skip to step 6 and finish the tutorial first.
In order to program your certificates to automatically renew themselves, you need to configure a crontab that will automatically renew the SSL certificates before they expire.
sudo crontab -e
After entering the crontab -e command, choose the text editor to use to create the crontab. Nano (1) is the easiest text editor to use.
1
Now that you’ve created a new crontab file, scroll to the bottom and paste the commands listed below. The command will tell Certbot to check for renewals twice per day.
After adding this code, enter ctrl+o to save changes, followed by ctrl+x to exit back to your home screen.
6. Configure the Certificates
The next step is to configure your certificates. First, execute the command below to open your bitnami.conf file for editing.
Next, paste the following 3-lines of code below the DocumentRoot line of the bitnami.conf file. This will tell the server to always serve your website's pages with HTTPS encryption. Remember to replace 1pagezen.com with your own domain name. (Update 03/08/2018: 'permanent' added to code to mark redirect as a 301 instead of 302).
Next, use the down-arrow key to scroll down the page. Place a # sign next to each of the two placeholder certificates, and paste the path to your three SSL certificate files as shown in the command below, making sure to replace 1pagezen.com with your own domain name.
After adding this code, enter ctrl+o to save changes, followed by ctrl+x to exit back to your home screen.
7. Update Domain URLs
Changing your website URLs via Settings > General is disabled in the Bitnami version, so you'll need to change your URLs by editing your wp-config.php folder.
In order to open your wp-config.php file for editing, run the command below.
After adding this code, enter CTRL+o to save changes, followed by CTRL+x to exit back to your home screen.
8. Restart your Apache Server
In order for your certificate changes to take effect, you need to restart you Apache server by entering the command below.
sudo /opt/bitnami/ctlscript.sh restart apache
9. Additional Resources
Now that you've completed the tutorial, you should configure your certificates to auto-renew using this tutorial. Also, if your configuration isn't working properly, check out the tutorial below to learn about common SSL errors and how to fix them.
Did it Work?
If your SSL certificates were configured properly, you will notice that your website is being loaded with a green padlock icon.
To configure certificate auto-renewal, please view the tutorial here.
If you have any questions or comments, please post them below!