One Page Zen

Web Design. Simplified.

  • Tutorials
    • Google Cloud
    • Amazon Cloud
    • Microsoft Cloud
  • Start
  • Services
  • Resources

Free SSL Certificate Setup for WordPress on Google Cloud (Bitnami)

September 15, 2017 By Leron Amin 170 Comments

FacebookTweetLinkedInGoogle+StumbleUponEmail

In this quick-start tutorial you will learn how to configure free, auto-renewing SSL certificates for WordPress websites that are hosted on Google Cloud Platform compute engine using the Bitnami version of WordPress on Google Cloud Platform.

Having SSL Security on your website will improve your Google search ranking.

If you’re using the Click-to-Deploy version of WordPress on Google Cloud Platform, you can view that SSL certificate tutorial here.

Before getting started with this tutorial, you should have already:

  1. Installed WordPress on Google Cloud
  2. Set up a Domain Name for your WordPress website
  3. Reserved a Static IP Address for your VM instance.

So let’s get started…

There are 9 steps in this tutorial:

  • 1. Connect to WordPress via SSH

  • 2. Install CertBot Client

  • 3. Generate Certificates

  • 4. Test Certificate Renewal

  • 5. Setup Certificate Auto-Renewal

  • 6. Configure the Certificates

  • 7. Update Domain URLs

  • 8. Restart your Apache Server

  • 9. Additional Resources

1. Connect to WordPress via SSH

ssl certificates wordpress on google cloud platform access menu
Go to your Google Compute homepage and click the hamburger menu in the upper left-hand corner.
ssl certificate for wordpress on google cloud platform compute engine vm instances
Go to your Compute Engine, then to VM instances to access your WordPress installation.
ssl certificate setup for wordpress on google cloud platform compute engine
Once inside your Compute Engine, click on the SSH button to connect to your WordPress installation.

2. Install CertBot Client

ssl certificate setup wordpress google cloud platform compute engine bitnami
Now that you’ve connected to your website’s Apache server, you are going to execute the command to install the Certbot client. The Certbot client is used to issue the SSL certificates that will be used later on in this tutorial.
wget https://dl.eff.org/certbot-auto && chmod a+x certbot-auto

After executing each of these commands, you can either stay in the same SSH window or exit and open a new one.

3. Generate Certificates

ssl certificate setup wordpress google cloud platform bitnami
In this step you are going to execute the command below in order to tell the Certbot client to create SSL certificates for your website. Remember to replace 1pagezen.com with your own domain name.
./certbot-auto certonly --webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d 1pagezen.com -d www.1pagezen.com
ssl certificate setup wordpress google cloud platform bitnami
After entering these commands, your certificates will be generated. Take note of the directory where your certificates are installed.

Note: Instructions for testing the certificate auto-renew script were moved here.

4. Test Certificate Renewal

ssl certificate setup wordpress google cloud platform compute engine bitnami
Before setting up auto-renewal for your certificates, you are first going to execute the commands below in order to test the auto-renewal function.
./certbot-auto renew --dry-run
ssl certificate setup wordpress google cloud bitnami
If you get a success message, it means that the certificates are renewing properly.

5. Setup Auto-Renewal

Important Notice: The auto-renew configuration instructions outlined in this section are no longer valid. For updated instructions on configuring auto-renewal, click here.
(It is recommended that you skip to step 6 and finish this tutorial first).

ssl certificate setup wordpress google cloud platform compute engine bitnami
In order to program your certificates to automatically renew themselves, you need to configure a crontab that will automatically renew the SSL certificates before they expire.
sudo crontab -e 
ssl certificate setup wordpress google cloud platform compute engine bitnami
After entering the crontab -e command, choose the text editor to use to create the crontab. Nano (1) is the easiest text editor to use.
1
ssl certificate setup wordpress google cloud click to deploy
Now that you’ve created a new crontab file, scroll to the bottom and paste the commands listed below. The command will tell Certbot to check for renewals twice per day.
0 0 * * * ./certbot-auto renew --quiet --no-self-upgrade

0 12 * * * ./certbot-auto renew --quiet --no-self-upgrade

After adding this code, enter ctrl+o to save changes, followed by ctrl+x to exit back to your home screen.

6. Configure the Certificates

ssl certificate setup wordpress google cloud platform compute engine bitnami
The next step is to configure your certificates. First, execute the command below to open your bitnami.conf file for editing.
sudo nano /opt/bitnami/apache2/conf/bitnami/bitnami.conf

ssl certificate setup wordpress google cloud platform compute engine bitnami
Next, paste the following 3-lines of code below the DocumentRoot line of the bitnami.conf file. This will tell the server to always serve your website's pages with HTTPS encryption. Remember to replace 1pagezen.com with your own domain name. (Update 03/08/2018: 'permanent' added to code to mark redirect as a 301 instead of 302).
ServerName www.1pagezen.com

ServerAlias 1pagezen.com
Redirect permanent / https://www.1pagezen.com/
ssl certificate setup wordpress google cloud platform compute engine bitnami
Next, use the down-arrow key to scroll down the page. Place a # sign next to each of the two placeholder certificates, and paste the path to your three SSL certificate files as shown in the command below, making sure to replace 1pagezen.com with your own domain name.
SSLCertificateFile "/etc/letsencrypt/live/1pagezen.com/cert.pem"

SSLCertificateKeyFile "/etc/letsencrypt/live/1pagezen.com/privkey.pem"
SSLCertificateChainFile "/etc/letsencrypt/live/1pagezen.com/chain.pem"

After adding this code, enter ctrl+o to save changes, followed by ctrl+x to exit back to your home screen.

7. Update Domain URLs

Changing your website URLs via Settings > General is disabled in the Bitnami version, so you'll need to change your URLs by editing your wp-config.php folder.

ssl certificate setup wordpress google cloud platform compute engine bitnami
In order to open your wp-config.php file for editing,
run the command below.
sudo nano /opt/bitnami/apps/wordpress/htdocs/wp-config.php
ssl certificate setup wordpress google cloud platform compute engine bitnami
Inside of your wp-config.php file, you will need to replace your SiteURL and HomeURL definitions as shown below.

REPLACE THIS:


define('WP_SITEURL', 'http://' . $_SERVER['HTTP_HOST'] . '/');
define('WP_HOME', 'http://' . $_SERVER['HTTP_HOST'] . '/');


WITH THIS:

define('WP_HOME','https://www.1pagezen.com');
define('WP_SITEURL','https://www.1pagezen.com');

Remember to replace 1pagezen with either the www. or non-www. version of your domain name - whichever your prefer. For example:


define('WP_HOME', 'https://1pagezen.com');
define('WP_SITEURL', 'https://1pagezen.com');

After adding this code, enter CTRL+o to save changes, followed by CTRL+x to exit back to your home screen.

8. Restart your Apache Server

ssl certificate setup wordpress google cloud platform compute engine bitnami
In order for your certificate changes to take effect, you need to restart you Apache server by entering the command below.
sudo /opt/bitnami/ctlscript.sh restart apache

9. Additional Resources

Now that you've completed the tutorial, you should configure your certificates to auto-renew using this tutorial. Also, if your configuration isn't working properly, check out the tutorial below to learn about common SSL errors and how to fix them.

configure ssl auto renew

ssl certificate errors on google cloud

Did it Work?

If your SSL certificates were configured properly, you will notice that your website is being loaded with a green padlock icon.

To configure certificate auto-renewal, please view the tutorial here.

If you have any questions or comments, please post them below!

Thanks,

signature

Up Next...

google cloud ftp setup filezilla
Manage WordPress Files on Google Cloud Platform

Related Posts

  • How to Fix SSL Certificate Errors on Google Cloud
  • Click-to-Deploy vs. Bitnami for WordPress on Google Cloud
  • Domain Name Configuration for WordPress on Google Cloud
  • SSL Certificate Setup for WordPress on Google Cloud (Bitnami)
  • Increase 512MB Upload Limit for All-in-One WP Migration Plugin
  • How to Fix SSH (Linux Shell) Permission Errors on Google Cloud
FacebookTweetLinkedInGoogle+StumbleUponEmail

Filed Under: Featured Tutorials, GCP WordPress, Google Cloud Platform Tagged With: bitnami, compute engine, google cloud platform, ssl, wordpress

Comments

  1. Reid Bangert says

    April 16, 2018 at 3:49 pm

    Hello,

    When I go to restart Apache, I’m getting the following:

    AH00526: Syntax error on line 54 of /opt/bitnami/apache2/conf/bitnami/bitnami.conf:
    SSLCertificateFile: file ‘/etc/letsencrypt/live/www.bella-vr.com/cert.pem\xe2\x80\x9d’ does not exist or is empty
    root@bitnami-wordpress-dm-d806:/etc/letsencrypt# sudo /opt/bitnami/ctlscript.sh restart apache
    Unmonitored apache

    AH00526: Syntax error on line 54 of /opt/bitnami/apache2/conf/bitnami/bitnami.conf:f/bitnami/bitnami.conf
    SSLCertificateFile: file ‘/etc/letsencrypt/live/www.bella-vr.com/cert.pem\xe2\x80\x9d’ does not exist or is empty
    apache config test fails, aborting

    AH00526: Syntax error on line 54 of /opt/bitnami/apache2/conf/bitnami/bitnami.conf:
    SSLCertificateFile: file ‘/etc/letsencrypt/live/www.bella-vr.com/cert.pem\xe2\x80\x9d’ does not exist or is empty
    apache config test fails, aborting
    Monitored apache

    Any help is appreciated!

    Reply
    • Leron Amin says

      April 17, 2018 at 5:14 pm

      Hi Reid,
      Try CJ’s solution of changing the permissions of the letsencrypt directories. If that doesn’t work, go back to line 54 of your bitnami.conf file and make sure there are no spaces at the end of each line. Also, make sure sure there are no spelling errors on either of the 3 certificate paths (extra quotation marks, etc).
      Let me know if you have any questions,
      Joe

      Reply
  2. Andy says

    April 13, 2018 at 9:04 am

    You are awesome. Actually awesome! I’m working on a website. Following your tut, I just made it safe. Next step should be managing content in the site.

    Do you have any related tutorials concerning customising WordPress website (bitnami) on GCP?

    Thank you very much!

    Reply
    • Leron Amin says

      April 13, 2018 at 3:56 pm

      Hi Andy,
      I’m glad you were able to get your website running on Google Cloud.
      I don’t offer have any front-end tutorials for WordPress, but if you do a Google search, you will find thousands (if not millions).
      Good luck and let me know if you have any questions,
      Joe

      Reply
  3. Nishant Lamichhane says

    April 10, 2018 at 10:18 pm

    Leron i am using lamp stack on my engine, therefore i changed wordpress to apache and apche2 as well but no luck resolving the error.

    ~$ ./certbot-auto certonly –webroot -w /op
    t/bitnami/apps/apache/htdocs/ -d lamicane.com -d http://www.lamicane.com
    Requesting to rerun ./certbot-auto with root privileges…
    /opt/bitnami/apps/apache/htdocs/ does not exist or is not a directory

    Reply
    • Leron Amin says

      April 10, 2018 at 10:29 pm

      Hi Nishant,
      The error message is saying that the directory /opt/bitnami/apps/apache/htdocs/ doesn’t exist.
      From my understanding, if you’re running your application on a standalone Bitnami LAMP stack your webroot is /opt/bitnami/apache2/htdocs.
      If you’re using the pre-built WordPress LAMP stack, your webroot is /opt/bitnami/apps/wordpress/htdocs/
      Hope this helps and please reach out if you have any questions,
      Joe

      Reply
      • Nishant Lamichhane says

        April 10, 2018 at 11:39 pm

        Thanks Leron, this worked perfectly but now i am having trouble with this line
        sudo nano /opt/bitnami/apps/wordpress/htdocs/wp-config.php. after changing it to sudo nano /opt/bitnami/apache2/htdocs/config.php blank screen appears.

        Reply
        • Leron Amin says

          April 10, 2018 at 11:53 pm

          Hi Nishant,

          If a blank screen appears it means that the file does not exist, and therefor it created a new empty file at that location.

          Word of advice: if in doubt about whether a file exists at a certain location, use the cd command. For example, if there is in fact a wp-config.php at the location /opt/bitnami/apps/wordpress/htdocs/, then it will show up when you enter the command cd /opt/bitnami/apps/wordpress/htdocs/. If not, it will show a file not found error.
          Get familiar with using this process as it will save you a great deal of hassle down the road from entering invalid file paths.

          Also, check out this tutorial on Basic Linux Commands for Google Cloud – this will help you get comfortable with navigating the Linux Shell, and will help a lot in the future with configuring your websites in the cloud (the Linux Shell is universal across all cloud platforms).

          Let me know if you have any questions,
          Joe

          Reply
  4. OMK says

    April 10, 2018 at 7:07 am

    Hi thank you for your blog.
    I have gone through all instruction and it works fine and perfect.

    However I can’t login to phpmyadmin, do you know how to fix this issue?

    Reply
    • Leron Amin says

      April 10, 2018 at 11:01 am

      Hi OMK,
      For Bitnami stacks, you have to access phpMyAdmin via SSH tunnel, which I demonstrate in this tutorial.
      Please have a look at the tutorial and let me know if you have any questions,
      Joe

      Reply
  5. Dennis Kisilev says

    March 27, 2018 at 11:12 am

    First off VERY Clear & Great Videos!

    Second so im getting an error on

    AH00526: Syntax error on line 10 of /opt/bitnami/apache2/conf/bitnami/bitnami.conf:
    ServerAlias only used in
    apache config test fails, aborting
    Monitored apache

    Any Advice?

    Domain- luxairhvac.com

    Reply
    • Leron Amin says

      March 27, 2018 at 11:53 am

      Hi Dennis,
      There is an error on line 10 of your bitnami.conf file, specifically on the line with the ServerAlias directive.
      Go back to step 6 of the tutorial and make sure the three lines starting with ServerName are configured properly.
      Let me know if you have any questions,
      Joe

      Reply
  6. Track Killers says

    March 20, 2018 at 6:36 pm

    Hey, Love your site and al your videos by the way. I recently setup the SSL for Bitnami on Google Cloud and My website does NOT always load the GREEN SSL LOCK. How do I fix this issue?

    Reply
    • Leron Amin says

      March 21, 2018 at 1:48 pm

      Hello Track,

      Sounds like your website is serving mixed content, thereby causing a ‘mixed content’ error.

      Try looking over this tutorial for a solution on how to fix ‘mixed content’ errors.

      Let me know if you have any questions,
      Joe

      Reply
  7. Aly says

    March 11, 2018 at 6:45 am

    Hello
    How can i install Let’s Encrypt SSL on AWS AMAZON CLOUD

    Reply
    • Leron Amin says

      March 18, 2018 at 2:47 pm

      Hi Aly,

      If you’re using a Bitnami stack on AWS, the instructions will be nearly identical.

      Before starting, however, make sure that you have an external IP address assigned to your AWS WordPress instance.

      Let me know if you have any questions,
      Joe

      Reply
  8. Jack says

    March 10, 2018 at 2:16 am

    I am getting this error :
    jay@omsai-wordpress-1-vm:~$ sudo /opt/bitnami/ctlscript.sh restart apache
    Unmonitored apache
    AH00526: Syntax error on line 51 of /opt/bitnami/apache2/conf/bitnami/bitnami.conf:
    SSLCertificateFile takes one argument, SSL Server Certificate file (‘/path/to/file’ – PEM or DER encoded)
    apache config test fails, aborting
    Monitored apache

    Reply
    • Leron Amin says

      March 10, 2018 at 8:40 am

      Hi Jack,

      Make sure there aren’t any spaces at the end of the certificate path on line 51 (and for the other two certificate paths) – this is probably what is causing the error.

      Let me know if you have any questions,
      Joe

      Reply
      • Jack says

        March 12, 2018 at 2:57 am

        Thanks a lot, Joe it works now,
        Keep up the good work.

        Reply
  9. Miguel says

    March 8, 2018 at 2:30 am

    I’ve followed your tutorials for WordPress on AWS and it helped me alot. Thanks for the very detailed explanation.

    Can you make a tutorial for installing SSL Certificate for Wordpess in AWS with bitnami just like this one?

    Appreciate your effort, thanks.

    Reply
    • Leron Amin says

      March 8, 2018 at 12:19 pm

      Hi Miguel,

      I will make an AWS SSL tutorial in the future. That being said, the configuration for the GCP and AWS Bitnami WordPress stacks are nearly identical, so you should be able to use this tutorial to configure SSL on AWS.

      If you try it and run into any issues, let me know and I will see how I can help.
      Joe

      Reply
  10. sikboyv says

    March 7, 2018 at 6:30 pm

    sudo nano /opt/bitnami/apache2/conf/bitnami/bitnami.conf
    file not
    I can not do this because the file does not exist

    Reply
    • Leron Amin says

      March 8, 2018 at 10:55 am

      Hello,

      Try moving to the destination one level at a time and see what happens:
      cd opt then cd bitnami then cd apache2 then cd conf then cd bitnami then sudo nano bitnami.conf

      Let me know how it goes,
      Joe

      Reply
  11. Mehran says

    February 21, 2018 at 8:22 pm

    Leron, Thanks for this great tutorial. I already setup SSL successfully and everything is Ok except accessing to phpmyadmin since I’m using wordpress bitnami on GCP I have to get access to phpmyadmin through http://127.0.0.1:8888/phpmyadmin but it redirect s me to main domain e.g https://www.1pagezen.com. Just as a note After finishing tour tutorial to get access to phpmyadmin locally I followed https://docs.bitnami.com/google/components/phpmyadmin/ also I had access to phpmyadmin before setting up SSL on my website.

    Any idea how to fix this?

    Reply
    • Leron Amin says

      February 22, 2018 at 12:18 pm

      Hi Mehran,

      At the end of step 4.5, were you able to create the SSH tunnel (see the black terminal showing the Bitnami text)?

      Reply
      • Mehran says

        February 22, 2018 at 4:41 pm

        Yes.

        Reply
      • Mehran says

        February 23, 2018 at 7:54 pm

        In error_log:
        localhost:443:0 server certificate does NOT include an ID which matches the server name
        Command line: ‘/opt/bitnami/apache2/bin/httpd.bin -f /opt/bitnami/apache2/conf/httpd.conf’
        client denied by server configuration: /opt/bitnami/apps/phpmyadmin/htdocs/import.php

        Reply
        • Leron Amin says

          February 25, 2018 at 12:50 pm

          Hi Mehran,

          What is your domain? If you don’t want to provide it, make sure to run a check with an SSL Checker to make sure you have both the www-version and non www-version of the domain listed in your SSL certificate.

          Let me know what you find out,
          Joe

          Reply
          • Mehran says

            February 25, 2018 at 2:11 pm

            Leron, Thanks for reply but to clarify again I have no problem with SSL it means already setup successfully but not able to access to bitnami phpmyadmin as I mentioned. Please check the bitnami link I posted before for accepting to phpnyadmin which is only possible on localhost.

          • Leron Amin says

            February 25, 2018 at 5:23 pm

            Hi Mehran,

            Are you referencing your server logs? Try using Chrome browser and accessing localhost and choose the “proceed anyway” option when the browser warns that the SSL certificate is invalid.

            This error is expected as localost is not listed in the SSL certificate, and therefor will show a security warning by default.

            Talk to you soon,
            Joe

          • Leron Amin says

            February 25, 2018 at 5:25 pm

            Also Mehran – please create a new comment at the bottom of this tutorial page, and I will assist you there.

            This tutorial page is for SSL certificate troubleshooting only.

            Thanks, Joe

  12. Jamaica says

    February 17, 2018 at 4:33 pm

    I want to go to google cloud but i have it hard fining a cost for a simple wordpress website hosting, can you give me a rught idea the cost to host a site like yours?

    Reply
    • Leron Amin says

      February 19, 2018 at 8:27 pm

      Hi Jamaica,

      You could run a website like onepagezen.com for around $2-5/month using the most basic settings. That being said, remember that this is not a data intensive website (no stored user account data or video), so the storage/networking costs are low.

      Hope this information is helpful,
      Joe

      Reply
      • Jamaica says

        February 19, 2018 at 8:49 pm

        Thanks for your response, so your saying i should just select the basic options when signing up? my site is under 500mb when i use all in one migration, so i beleve its very small.

        Reply
        • Leron Amin says

          February 19, 2018 at 9:38 pm

          What I would recommend is that you start with the most basic option, and then if you’re experiencing issues with performance, you can always upgrade (see the performance graphs at the top of your GCP dashboard).

          Reply
  13. Cristian Correa says

    February 15, 2018 at 9:32 pm

    I have a problem when I try renew because the url “well-know” is incorrect with certbot

    https://mydomain.com.well-known/acme-challenge without “/” before

    IMPORTANT NOTES:

    The following errors were reported by the server:

    Domain: mydomain.com
    Type: connection
    Detail: Fetching
    https:/mydomain.com.well-known/acme-challenge/d2YSErxL3DzgwoxIF-uJfj9M42YH8Qq01eKDkbe1Fo8:
    Error getting validation data

    Reply
    • Leron Amin says

      February 16, 2018 at 5:25 pm

      Hi Christian,

      Did you get the error resolved?

      What is the full renew command that you’re executing?

      Reply
  14. Godson says

    February 15, 2018 at 6:02 pm

    When you are done, follow this intructions to force redirection to https

    Add the following to the top of the /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf file:

    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]

    Reply
  15. Godson says

    February 15, 2018 at 4:59 pm

    It’s Quite simple to set it up for Multi- Site… with Sub Domains

    Follow the tutorial here but skip the following:

    ServerName http://www.1pagezen.com
    ServerAlias 1pagezen.com
    Redirect / https://www.1pagezen.com/

    Don’t add that to your bitnami.conf file, you don’t want all your sub domains redirecting to the main one.

    Skip adding this lines to your wp-config.php as well—

    WITH THIS:

    define(‘WP_HOME’,’https://www.1pagezen.com’);
    define(‘WP_SITEURL’,’https://www.1pagezen.com’);

    You should install the cert like this

    ./certbot-auto certonly –webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d 1pagezen.com -d http://www.1pagezen.com –d subdomain.1pagezen.com -d sub2.1pagezen.com

    If you’ve installed it before it would notify you asking if it should expand the certificate. Just enter the code for yes… and you are done..

    Reply
  16. James says

    February 15, 2018 at 7:48 am

    Great tutorials – very clear and well documented.
    I’m wondering if you could provide alternate instructions for Step 6 of the “Free SSL Certificate Setup for WordPress on Google Cloud (Bitnami)” tutorial specific to the nginx server rather than apache. I’ve deployed Bitnami’s “bitnami-wordpresspro-dm-fa11” which is WordPress with Nginx and SSL for Google Cloud Compute Engine. The settings for nginx will be a little different than those for apache. I’m trying to intuitively figure it out, but so far I haven’t successfully mapped the calls to the certificates to the correct location in /etc/letsencrypt/… so my site isn’t secure yet.

    Thanks!

    Reply
    • Leron Amin says

      February 15, 2018 at 1:45 pm

      Hi James,
      Thanks for the feedback!
      Unfortunately I won’t be doing any Nginx tutorials because Apache is the default server for most of the stacks covered in these tutorials.
      That being said, I would check StackOverflow for troubleshooting and Digital Ocean for some great Nginx tutorials.
      Let me know if you have any questions!
      Joe

      Reply
    • Jared says

      April 12, 2018 at 10:07 pm

      I had the exact same problem, I followed the Bitnami instruction here:
      https://docs.bitnami.com/google/apps/wordpress-pro/#how-to-auto-configure-a-lets-encrypt-certificate-in-your-stack
      and had mine up and running.
      Cheers,
      Jared

      Reply
  17. Marina Ficcio says

    February 12, 2018 at 11:17 am

    Hi Leo,
    Thanks for this tutorial, I did this a few months ago and today I receive an email from
    Let’s Encrypt Expiry Bot, is it normal? Is it going to renew automatically?
    Thank you very much.

    “Hello,
    Your certificate (or certificates) for the names listed below will expire in
    20 days (on 04 Mar 18 13:03 +0000). Please make sure to renew
    your certificate before then, or visitors to your website will encounter errors.
    ….”

    Reply
    • Leron Amin says

      February 12, 2018 at 5:36 pm

      Hi Marina,

      The auto-renew script from the first version of the tutorial didn’t seem to work for most people. For this reason, I created an updated tutorial that focuses specifically on how to configure auto-renewal for Let’s Encrypt SSL certificates, and you can view that tutorial here.

      Please reach out to me if you have any questions or encounter any issues while going through the tutorial.

      Talk to you soon,
      Joe

      Reply
      • Marina Ficcio says

        February 12, 2018 at 7:42 pm

        Hi Joe*,
        I will try this other tutorial!
        thank you very much!
        regards,
        Marina.

        Reply
        • Leron Amin says

          February 12, 2018 at 11:37 pm

          Sounds good – let me know if you have any questions!

          Reply
  18. Tejeshwar says

    February 5, 2018 at 8:11 am

    Hi, thanks for the great tutorial. I found the solutions before you approving my comment.

    please tell me can I use the below code. I have static IP address in order to eliminate duplicate code I wrote code like this. As of now everthing working perfectly.

    RewriteEngine On
    RewriteCond %{HTTP_HOST} ^XX\.XXX\.XXX\.XX$ [NC,OR]
    RewriteCond %{HTTP_HOST} ^example\.com
    RewriteRule ^(.*)$ https://example.com$1 [L,R=301]

    I have placed this code to force https in bitnami.conf file.

    And I also found this code but It doesn’t redirecting to my ip address to domain.

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    Reply
    • Leron Amin says

      February 6, 2018 at 3:38 pm

      Hi Tejeshawar,

      If it is working for you, then go ahead with it!

      Also – You shouldn’t run into issues with Google Crawling your website’s external IP.

      If your DNS records are configured properly (according to the tutorial), your browser will automatically redirect from your IP to your domain.

      Let me know if you have any questions!

      Reply
  19. Mi says

    January 23, 2018 at 5:20 pm

    I think there were character missing errors on my latest post.
    Each <> step remarks on the post right below, respectively,

    3. Generate Certificates step

    4. Test Certificate Renewal step

    6. Configure the Certificates step

    7. Update Domain URLs Step

    8. Restart your Apache Server step.

    Reply
  20. Mi says

    January 23, 2018 at 5:12 pm

    Hi, Joe

    Thank you for your good introductions.
    I had success of the SSL Certificate Setup on my MAIN domain.
    Then when I tried the process again on my SUB domain, I got the SSL Certified SUB domain.
    But unfortunately, my SSL Certified MAIN domain came back to Non-Certificate state, instead.

    I will show you partly what I did on my SUB domain procedure. The rest was same with that of MAIN domain steps
    following your example , 1pagezen.com (MAIN domain) with subzen.1pagezen.com (SUB domain),

    Please, answer to me what point was wrong and should be modified when I try again the SSL Certificate Setup
    for both my MAIN and SUB domains.

    What I did :

    <<>> step

    (prompt)$ ./certbot-auto certonly –webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d subzen.1pagezen.com -d http://www.subzen.1pagezen.com
    ….
    IMPORTANT NOTES:
    – Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/subzen.1pagezen.com/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/subzen.1pagezen.com/privkey.pem
    …

    <<>> step

    (prompt)$ ./certbot-auto renew –dry-run
    …
    Processing /etc/letsencrypt/renewal/subzen.1pagezen.com.conf
    …
    new certificate deployed without reload, fullchain is
    /etc/letsencrypt/live/subzen.1pagezen.com/fullchain.pem
    …
    Processing /etc/letsencrypt/renewal/1pagezen.com.conf
    …
    new certificate deployed without reload, fullchain is
    /etc/letsencrypt/live/1pagezen.com/fullchain.pem

    Congratulations, all renewals succeeded. The following certs have been renewed:
    /etc/letsencrypt/live/subzen.1pagezen.com/fullchain.pem (success)
    /etc/letsencrypt/live/1pagezen.com/fullchain.pem (success)
    …

    <<>> step

    (prompt)$ sudo nano /opt/bitnami/apache2/conf/bitnami/bitnami.conf

    ************In bitnami.conf file*****************
    …
    ServerName http://www.1pagezen.com
    ServerAlias 1pagezen.com
    Redirect / https://www.1pagezen.com/

    ServerName http://www.subzen.1pagezen.com
    ServerAlias subzen.1pagezen.com
    Redirect / https://www.subzen.1pagezen.com/

    SSLCertificateFile “/etc/letsencrypt/live/1pagezen.com/cert.pem”
    SSLCertificateKeyFile “/etc/letsencrypt/live/1pagezen.com/privkey.pem”
    SSLCertificateChainFile “/etc/letsencrypt/live/1pagezen.com/chain.pem”

    SSLCertificateFile “/etc/letsencrypt/live/subzen.1pagezen.com/cert.pem”
    SSLCertificateKeyFile “/etc/letsencrypt/live/subzen.1pagezen.com/privkey.pem”
    SSLCertificateChainFile “/etc/letsencrypt/live/subzen.1pagezen.com/chain.pem”
    …
    **********************************************

    <<>> step

    (prompt)$ sudo nano /opt/bitnami/apps/wordpress/htdocs/wp-config.php

    ************In wp-config.php file*****************
    …
    define(‘WP_HOME’, ‘https://www.1pagezen.com ‘);
    define(‘WP_SITEURL’, ‘https://www.1pagezen.com ‘);

    define(‘WP_HOME’, ‘https://www.subzen.1pagezen.com ‘);
    define(‘WP_SITEURL’, ‘https://www.subzen.1pagezen.com ‘);
    …
    define( ‘DOMAIN_CURRENT_SITE’, ‘1pagezen.com’ );
    define( ‘DOMAIN_CURRENT_SITE’, ‘subzen.1pagezen.com’ );

    define( ‘PATH_CURRENT_SITE’, ‘/’ );
    define( ‘SITE_ID_CURRENT_SITE’, 1 );
    define( ‘BLOG_ID_CURRENT_SITE’, 1 );

    /* That’s all, stop editing! Happy blogging. */
    …
    **************************************************

    <<>> step

    (prompt)$ sudo /opt/bitnami/ctlscript.sh restart apache

    ————-
    The end. Thank you.

    Reply
    • Leron Amin says

      January 23, 2018 at 6:21 pm

      Hi Mi,
      You should only have one certificate – and in this certificate, it should include every domain and sub-domain you will be using for your website (maximum 100).
      Let me know if you have any other questions,
      Joe

      Reply
      • Mi says

        January 25, 2018 at 4:08 pm

        Thank you for your answer.

        Then how can I apply the only one certificate of main domain to a sub-domain.

        For example, when I already have a SSL certificate for a main domain, 1pagezen.com,
        how can I apply it to a sub-domain, subzen.1pagezen.com ?
        Can you answer the steps in detail for the procedure?

        Reply
        • Leron Amin says

          January 25, 2018 at 7:24 pm

          Hi Mi,

          Configuring sub-domains is not a simple process. DigitalOcean has great tutorials on the subject if you would like to look into it.

          Also, if you’re going to be configuring multiple WordPress websites on individual subdomains, I would recommend using Bitnami’s WordPress Multisite stack. Check out their documentation here.

          Good luck and let me know if you have any questions. 🙂

          Reply
  21. Rachel says

    January 6, 2018 at 3:53 am

    Hi Joe

    Thanks again for your fab tutorials.

    I have a bit of a problem with this one – I went throug the tutorial step by step and all seemed to be successful until I viewed my site after completion and realised all of my images were missing from my website. I have the Really Simple SSL plugin installed which came back with the following error:

    System detection encountered issues
    A definition of a siteurl or homeurl was detected in your wp-config.php, but the file is not writable.

    Set your wp-config.php to writable and reload this page.

    Any help of how to do this would be appreciated?

    Thanks!
    Rachel

    Reply
    • Rachel says

      January 6, 2018 at 4:00 am

      Also forgot to ask is this the reason the images are missing?

      Reply
      • Leron Amin says

        January 7, 2018 at 2:25 pm

        Hi Rachel,

        The image problem could be related to insecure content errors, see this tutorial.

        If you can’t figure out the issue send me your site URL and I will take a look.
        Joe

        Reply
    • Leron Amin says

      January 7, 2018 at 2:20 pm

      Hi Rachel,

      Thanks for the feedback – I am glad the tutorials have helped you. 🙂

      In order to use a plugin such as Really Simple SSL, you would have to change the default permissions of your wp-config.php file to writable.

      You can change these permissions by running the following command:

      sudo chmod 777 /opt/bitnami/apps/wordpress/htdocs/wp-config.php

      Although this isn’t a recommended practice for security reasons, it will in fact allow the plugin to write to your wp-config.php file.

      Please let me know if you have any questions,
      Joe

      Reply
      • Isabel Da Guerra says

        January 7, 2018 at 2:58 pm

        Leron/Rachel hi,

        Saw this and not sure if this helps… After Rachel has done the previous steps of course.

        But great fast (smart) way to fix for SEO audit purposes is the Broken Link Checker plugin (By Janis Elsts, Vladimir Prelovac) that runs on my website.
        You may find/have a similar one but this is what I use.

        1. Inside WordPress dashboard > Settings > Link Checker

        – I have kept it at default 72 hour run settings
        – Custom select your choice of inside – Look for links in (Tab) and Which Links To Check (Tab)

        2. Inside WordPress dashboard > Tools > Broken Links

        All (454) |Broken (0) |Warnings (0) |Redirects (100) |Dismissed (0)

        It helps me see if there are any broken links on my website and I also check the redirect list of links its brought back. In it you can go in directly and fix some links (including website’s image links that are still reading hht instead of https)

        Cheers 😉

        Reply
        • Rachel says

          January 18, 2018 at 10:57 pm

          Thanks Isabel I’ll give that a go 🙂

          Reply
      • Rachel says

        January 18, 2018 at 10:56 pm

        Great thanks Joe, I had a feeling that was the case. Not sure if i’m comfortable doing that. Thank you again. Rachel.

        Reply
  22. Chris says

    January 5, 2018 at 9:26 pm

    Hi Joe,

    My certificate recently expired–I was getting warnings that it was about to expire, but I thought the auto-renew process would take over. I had set up the auto-renew process as you recommended. I’ve re-run the process you recommend in the tutorial.

    Is there a way to test the auto-renew process?

    Thanks for all of your education!

    Chris

    Reply
    • Leron Amin says

      January 5, 2018 at 10:12 pm

      Hi Chris,

      I’m sorry the script isn’t working for you – it hasn’t worked for some other people so I will look into it.

      In the meantime run the following command to renew your certificate:

      ./certbot-auto renew && sudo /opt/bitnami/ctlscript.sh restart apache

      I will notify you when the script it updated.

      Talk to you soon,
      Joe

      Reply
      • MC says

        January 17, 2018 at 10:43 pm

        Hi Joe,
        Same issue for me as well. Did not auto-renew, and was throwing security warnings to users until I noticed. The command above fixed it, but I too would love to be notified of updated auto-renew cron. Thanks again!

        Reply
        • Leron Amin says

          January 18, 2018 at 1:46 am

          Hi MC,
          I am aware of the issue and am currently working on a solution.
          I will send out on update via mailing list and will update the code on the tutorial.
          In the meantime, to manually renew your certificate, you can run:
          ./certbot-auto renew
          Let me know if you have any questions! 🙂

          Reply
  23. Eduardo Raymundo says

    January 4, 2018 at 5:46 pm

    Thanks, all perfect!

    Reply
    • Leron Amin says

      January 4, 2018 at 9:01 pm

      Great to hear! Congratulations on completing the tutorial successfully! 😀

      Reply
  24. Isabel Da Guerra says

    January 1, 2018 at 2:57 pm

    Okay thanks Joe, I see the differnce from previous SSL certificate install (Bitnami). Clearly it starts with installing git vs direct link to https://dl.eff.org/ and extras (chmod a+x certbot-auto).

    Question I have here is, what if I want to change my website to run through this SSL certificate channel via https://dl.eff.org/ as per your tutorial here… How do I uninstall git via the ‘apt-get install git-all’ command, installed previously ? Or/And if there are any other further steps I need to do?

    Also, can you briefly explain what the two differences are between the two previous/current. Obviously the latter is better but why? (just out of curiosity and for anyone who installed it via git and is reading this he he he) I know I’m a pain, sorry.

    Have a successful 2018 buddy 😉

    Reply
    • Leron Amin says

      January 1, 2018 at 5:27 pm

      Hi Isabel,

      The idea behind the second tutorial was simply to make it more ‘streamlined’, and to clear up some of the inefficiencies found in the first edition.
      Also, there was a mistake in the first edition of the tutorial, wherein the Certbot repository was being saved to the /tmp directory, which automatically clears over time.
      And you’re not a pain! – I am sure several other people have had this same question, however, you’re the only one who mustered the courage to ask.

      In the first edition of the tutorial, Git is downloaded to your home directory so you should be able to access the files by entering ls after connecting to your instance via SSH.
      I hope this answers your question (and thanks for asking it!)

      Wishing you a wonderful 2018 as well!

      Cheers, 🙂
      Joe

      Reply
      • Isabel Da Guerra says

        January 2, 2018 at 11:43 am

        Thank you Leron… I’m busy updating my domains and my clients, and all good he he 😉

        Reply
        • Leron Amin says

          January 2, 2018 at 2:45 pm

          Well I hope you don’t have too many sites to update… O_O
          And on the bright side you will know SSL configuration inside and out after doing it a million times! 😉

          Reply
  25. Benjamin says

    December 20, 2017 at 12:24 am

    Hello Joe,

    I got an error when trying to restart at step 8. Restart your Apache Server

    AH00526: Syntax error on line 51 of /opt/bitnami/apache2/conf/bitnami/bitnami.conf:
    SSLCertificateFile takes one argument, SSL Server Certificate file (‘/path/to/file’ – PEM or DER encoded)
    apache config test fails, aborting

    I’m not sure why because I added the 3 paths as per your example but is looks like something to do with the SSL certificate file paths.
    Pls let me know what you think and any possible direction for a solution.
    Best regards,
    Ben

    Reply
    • Leron Amin says

      December 20, 2017 at 12:48 am

      Hi Benjamin,

      Contact me through the OnePageZen Facebook page and send me a screenshot of your 3 lines as they are listed in your bitnami.conf file.

      Talk to you soon,
      Joe

      12/29/17 UPDATE: To fix this problem, make sure there is not spaces after either of your three certificate paths listed in your bitnami.conf file.

      Reply
  26. Benjamin says

    December 19, 2017 at 8:28 pm

    Hello Joe,
    Have installed a moodle (bitnami) instance on CGP, reserved a static ip address, and transfered a domain name so all going good so far!

    I have a question at 3. Generate Certificates. of your tutorial.
    What would the command look like when creating a certificate for a moodle (bitnami) instance?
    I just realise that the following command in your example is going to be incorrect!

    ./certbot-auto certonly –webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d hocvietngu.com -d www.hocvietngu.com

    However when I look at the following site (see link below) they are using an OpenSSL example, I think,

    >How To Create An SSL Certificate? > Create a certificate:
    The example code is:
    sudo openssl req -new -key /opt/bitnami/apache2/conf/server.key -out /opt/bitnami/apache2/conf/cert.csr

    https://docs.bitnami.com/google/apps/moodle/

    So I am confused. Could you please help me out a little here?
    Would i just need to replace the text “wordpress” to “moodle” in the first command snippet above?

    Best regards,
    Ben

    Reply
    • Leron Amin says

      December 19, 2017 at 9:08 pm

      Hi Ben,

      Exactly like you said – run the command but replace wordpress with moodle. The directory path should be:
      /opt/bitnami/apps/moodle/htdocs/ instead of /opt/bitnami/apps/wordpress/htdocs/

      Also, don’t run the Open SSL command; that’s for issuing self-signed certificates and is irrelevant to this tutorial.

      You are on the right path! Let me know if this answer doesn’t make sense to you or if you have any questions!

      Talk to you soon,
      Joe

      Reply
      • Benjamin says

        December 19, 2017 at 9:42 pm

        Hello Joe,

        Everything going well…and up to Step 7 Update Domain URLs but have hit an issue!

        The following config file is wordpress specific i think. So i can’t us
        sudo nano /opt/bitnami/apps/moodle/htdocs/wp-config.php

        So I just removed the “wp-” extension and left the config.php file as seen below.

        sudo nano /opt/bitnami/apps/moodle/htdocs/config.php

        That’s gets me into a file with the following lines:
        But I don’t see the define example listed but I do see similar code for the domain. if i added my domain here “www.hocvietngu.com” which part of the line would i need to remove?

        ‘https://’ . $_SERVER[‘HTTP_HOST’];

        dbtype = ‘mysqli’;
        $CFG->dblibrary = ‘native’;
        $CFG->dbhost = ‘localhost’;
        $CFG->dbname = ‘bitnami_moodle’;
        $CFG->dbuser = ‘bn_moodle’;
        $CFG->dbpass = ‘0bfd904c0a’;
        $CFG->prefix = ‘mdl_’;
        $CFG->dboptions = array (
        ‘dbpersist’ => 0,
        ‘dbport’ => 3306,
        ‘dbsocket’ => ‘/opt/bitnami/mysql/tmp/mysql.sock’,
        ‘dbcollation’ => ‘utf8_general_ci’,
        );
        if (empty($_SERVER[‘HTTP_HOST’])) {
        $_SERVER[‘HTTP_HOST’] = ‘127.0.0.1:80’;
        };
        if (isset($_SERVER[‘HTTPS’]) && $_SERVER[‘HTTPS’] == ‘on’) {
        $CFG->wwwroot = ‘https://’ . $_SERVER[‘HTTP_HOST’];
        } else {
        $CFG->wwwroot = ‘http://’ . $_SERVER[‘HTTP_HOST’];
        };
        $CFG->dataroot = ‘/opt/bitnami/apps/moodle/moodledata’;
        $CFG->admin = ‘admin’;
        $CFG->directorypermissions = 02775;
        $CFG->passwordsaltalt1 = ‘ba43a08e2f3577bf6b434c1229b33238187fd4457d1ca29dc37a6fcfd2093349’;
        $CFG->passwordsaltmain = ‘493f919255f39b4f1b5f9c2f7af9d588628b04e26df41d84c4f008900b3e93cd’;
        require_once(__DIR__ . ‘/lib/setup.php’);
        // There is no php closing tag in this file,
        // it is intentional because it prevents trailing whitespace problems!

        Reply
        • Benjamin says

          December 19, 2017 at 9:51 pm

          Hey Joe,
          Would this line be correct? with apostrophe and semicolon?

          $CFG->wwwroot = ‘https:www.hocvietngu.com’;
          } else {
          $CFG->wwwroot = ‘http:www.hocvietngu.com’;

          Reply
          • Leron Amin says

            December 20, 2017 at 12:43 am

            Hi Benjamin,

            Use the following code, however, make sure to use the ‘ character by your escape button on your keyboard, not the ‘ by your enter key.
            My WP theme for some reason will automatically convert ` to ‘ so make sure that you don’t just copy and paste the code below. But this is what the code should look like:

            $CFG->wwwroot = ‘https://www.hocvietngu.com’;
            
            } else {
            $CFG->wwwroot = ‘http://www.hocvietngu.com’;

            Let me know if this works.
            Talk to you soon,
            Joe

  27. astheboy says

    December 13, 2017 at 2:28 pm

    Good morning
    You are installing SSL according to the tutorial you have created. However, it can not be executed in the steps below.
    What is the problem?

    astheboy@wordpress-vm:~$ ./certbot-auto certonly –webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d cslab.me
    Requesting to rerun ./certbot-auto with root privileges…
    Usage: certbot-auto [OPTIONS]
    A self-updating wrapper script for the Certbot ACME client. When run, updates
    to both this script and certbot will be downloaded and installed. After
    ensuring you have the latest versions installed, certbot will be invoked with
    all arguments you have provided.

    Help for certbot itself cannot be provided until it is installed.

    –debug attempt experimental installation
    -h, –help print this help
    -n, –non-interactive, –noninteractive run without asking for user input
    –no-bootstrap do not install OS dependencies
    –no-self-upgrade do not download updates
    –os-packages-only install OS dependencies and exit
    -v, –verbose provide more output
    -q, –quiet provide only update/error output;
    implies –non-interactive

    All arguments are accepted and forwarded to the Certbot client when run.

    Reply
    • Leron Amin says

      December 14, 2017 at 1:53 pm

      Hi Astheboy,
      This is not an error that I have come across before.
      What you should do is open a support ticket on the LetsEncrypt forums and see if one of their developers can help you.
      Talk to you soon,
      Joe

      Reply
  28. rajender says

    December 13, 2017 at 3:35 am

    rajender_rajotia@pilibangan-vm:~$ sudo /opt/bitnami/ctlscript.sh restart apache
    Unmonitored apache
    AH00526: Syntax error on line 68 of /opt/bitnami/apache2/conf/bitnami/bitnami.conf:
    Invalid command ‘OB’, perhaps misspelled or defined by a module not included in the server configuration
    apache config test fails, aborting
    AH00526: Syntax error on line 68 of /opt/bitnami/apache2/conf/bitnami/bitnami.conf:
    Invalid command ‘OB’, perhaps misspelled or defined by a module not included in the server configuration
    apache config test fails, aborting
    Monitored apache
    rajender_rajotia@pilibangan-vm:~$

    help sir in the last step i get this message

    Reply
    • Leron Amin says

      December 13, 2017 at 12:09 pm

      Hi Rajender,
      This means there is an error in your bitnami.conf file on line 68.
      So you will need to open the file and check line 68 for an error.
      Use CTRL + SHIFT + – in order to jump to a specific line once you’ve opened the file in Nano.
      Let me know if you have any other questions,
      Joe

      Reply
  29. Mi says

    December 11, 2017 at 9:22 am

    Hi, Joe

    I have a question about Free SSL Certificate Setup for Subdomains
    instead a main domain.

    If I replace the domain name with a subdomain name,
    following your example , 1pagezen.com (main domain) with subzen.1pagezen.com (sub domain),
    the rest procedure is exactly same with that of the main domain steps except for the domain name ??

    If it is different, can you introduce it for subdomains in detail like this website(for main domain) ?
    Thanks.

    Reply
    • Leron Amin says

      December 11, 2017 at 12:38 pm

      Hi Mi,
      That is correct. 🙂 You just need to list the subdomains in the certificate, just like you would list your primary domain.
      You are allowed to list up to 100 domains / subdomains in a single certificate.
      Please let me know if you have any other questions,
      Joe

      Reply
  30. Lee says

    December 4, 2017 at 12:03 am

    Thanks for the good tutorial. One question is,
    can I use the Free SSL Certificate in your tutorial, including the auto-renewing,
    for WordPress websites(domain and sub-domains) of a small “commercial enterprise” on Google Cloud Platform ??
    In addition, if there is a license website on that, can you let us know or link it ??
    Thank you again.

    Reply
    • Leron Amin says

      December 4, 2017 at 1:09 pm

      Hi Lee,
      You will have to look over the policies and legal repository for Let’s Encrypt and also the Certbot license conditions.
      I hope this answers your question, 🙂
      Joe

      Reply
  31. Steve says

    November 30, 2017 at 11:12 am

    Hi Joe,

    Thank you very much for your kindness support, I would not able to do anything if I did not see your video and tutorials. Yesterday I moved my site to Google Cloud and it takes over one day to do that. It was really tired.

    But I still have two more question, it would be great if you could help me and everybody

    1. My site after setup the SSL certificate, it still appears the sign that is not secure 100% (images..) How can I fix that?

    You could see from here: https://www.hienthaoshop.com/

    2. I was built the Bitnami WordPress, but that platform seems to conflict with the W3 Total Cache, so now my site speed on Google Speed Check even a litter bit slower. Is there any way I can fix it? Or can I remove the Bitnami Speed Check on my site?

    Thank you for your kindness sharing!

    Best Regards
    Steve

    Reply
    • Leron Amin says

      November 30, 2017 at 11:37 am

      Hey Steve,

      You website is serving insecure HTTP images – this is a very common problem with SSL, and is easy to fix.
      Check out this tutorial to learn how to fix the problem.

      Also, either W3 Total Cache or WP Super Cache works better than the other on Bitnami installs – but I forget which one it is. If W3 isn’t working for you, I would give WP Super Cache a try, or else check out the section of Bitnami’s documentation dedicated to configuring W3 Total Cache.

      Let me know if you have any questions, 🙂
      Joe

      Reply
      • Steve Vu says

        December 1, 2017 at 12:50 pm

        Hi Joe,

        Thank you very much for your time and your advice yesterday.
        I follow your instruction and I already fixed the insecure HTTP image. Again, thank you very much for that.

        I still have only one problem that I could not install W3 total Cache nor WP Super Cache properly. Both of the caches plugin requires the configuration in wp-cofig.php and htacess

        For example, below is the warning when I installed W3 Total Cache.

        ” FTP credentials don’t allow to write to file /opt/bitnami/apps/wordpress/htdocs/wp-config.php”
        W3 Total Cache Error: Files and directories could not be automatically created to complete the installation.
        Please execute commands manually

        Edit file /opt/bitnami/apps/wordpress/htdocs/wp-config.php and add next lines:
        /** Enable W3 Total Cache */
        define(‘WP_CACHE’, true); // Added by W3 Total Cache

        W3 Total Cache error: It appears Minify URL rewriting is not working. Please verify that the server configuration allows .htaccess
        Unfortunately, minification will not function without custom rewrite rules. Please ask your server administrator for assistance. Also, refer to the install page for the rules for your server.”

        I read the instruction from https://docs.bitnami.com/google/apps/wordpress/ but I cannot edit because simply I do not know how to do it.

        Could you give me some advice on how to access and modify the /opt/bitnami/apps/wordpress/htdocs/wp-config.php

        If you could make a tutorial about this, I think many viewers will see. Because I searched on the internet, this matter has a very poor instruction.

        I am very sorry for taking your time. And I really looking forward your support

        Thanks & Regards
        Steve
        https://www.hienthaoshop.com/

        Reply
        • Leron Amin says

          December 4, 2017 at 12:58 pm

          Hey Steve,

          In Google Cloud, you will need to click on the SSH button next to the instance that is running your website in order to connect to it.

          Next, enter the command sudo nano /opt/bitnami/apps/wordpress/htdocs/wp-config.php to open up your wp-config.php file.

          Next, paste the following at the bottom of your wp-config.php file:
          /** Enable W3 Total Cache */
          define(‘WP_CACHE’, true); // Added by W3 Total Cache

          Next, press CTRL + X at the same time, then press Y to save changes, then press “Enter”.

          Finally, run the restart command:
          sudo /opt/bitnami/ctlscript.sh restart

          Let me know if you have any questions. 🙂
          Joe

          Reply
          • Steve says

            December 5, 2017 at 5:27 am

            Hi Joe,

            Thank you so much for your support. I follow your instruction, it appears the below request:

            W3 Total Cache error: It appears Page Cache URL rewriting is not working. Please verify that the server configuration allows .htaccess
            Unfortunately disk enhanced page caching will not function without custom rewrite rules. Please ask your server administrator for assistance. Also refer to the install page for the rules for your server.

            In fact, before that, I had to set the command: sudo chmod 777 /opt/bitnami/apps/wordpress/htdocs/wp-content

            And the error above is the only one problem left. I read the info from Bitnami, they try to hide the .htaccess file and they require to change the new .htaccess.conf

            The problem is I do not know how to change it.

            Could you help me, please?

            Thanks & Regards
            Steve

          • Leron Amin says

            December 5, 2017 at 11:42 am

            Hey Steve,

            It seems that there are multiple issues at play.

            What you should do is open a support ticket at the Bitnami Community forums, and describe your issue in detail. The Bitnami engineers will know exactly how to fix the problem.

            In the meantime, the solution you’re looking for is probably something similar to Beltran’s response in this thread.

            Good luck and let me know if you have any questions! 🙂
            Joe

          • Steve says

            December 5, 2017 at 6:20 am

            Hi Joe,

            I would like to describle again what I did for the setting of W3 Total Cache:

            Before installing the W3 Total Cache, I run the command:

            sudo chmod 777 /opt/bitnami/apps/wordpress/htdocs/wp-content

            After that, I created the fie: sudo nano /opt/bitnami/apps/wordpress/htdocs/wp-config.php as your advice

            And I paste the code: /** Enable W3 Total Cache */
            define(‘WP_CACHE’, true); // Added by W3 Total Cache

            And I save it and I restart Apache: sudo /opt/bitnami/ctlscript.sh restart

            But the W3 Total Cache still requests me as below:

            W3 Total Cache error: It appears Page Cache URL rewriting is not working. Please verify that the server configuration allows .htaccess
            Unfortunately disk enhanced page caching will not function without custom rewrite rules. Please ask your server administrator for assistance. Also refer to the install page for the rules for your server.

            I know Bitnami disable .htacceess file and allow us to create or modify the .htaccess.conf in stead

            However, I don’t know how to FIND and SHOW the .htacceess.conf file for the modification

            Can you instruct to me some commands to find show the .htaccesss.conf on SSH mode?

            Also, what code I should use to insert into that file in order to allow .htaccess.conf work properly with W3 Total Cache? (allow rewriting matter)

            Looking your reply soon and many thanks for your kindness help

            Thanks & Regards
            Steve
            http://www.hienthaoshop.com

  32. Amit Kachere says

    November 26, 2017 at 11:44 pm

    Hey there,
    Thanks for this valuable article.
    I got free SSL for my site with this method.
    Once again thanks for this!!!!!!!!!

    Reply
    • Leron Amin says

      November 27, 2017 at 12:15 am

      Hi Amit,
      I am glad to hear the tutorial was helpful to you!
      Thanks for taking the time to leave feedback. 🙂
      Joe

      Reply
  33. Dev says

    November 20, 2017 at 9:54 am

    Hi Leron is there no requirement to make changes to /etc/apache2/sites-available/default-ssl.conf in bitnami wordpress?

    Reply
    • Leron Amin says

      November 20, 2017 at 10:16 am

      Hi Dev,
      You don’t need to do anything with the default-ssl.conf.
      Talk to you soon, 🙂
      Joe

      Reply
  34. Bimbimz says

    November 14, 2017 at 9:39 pm

    Hello bro,

    I done install it, but i want change that will comodo.
    and How to Uninstall it ?

    Thx

    Reply
    • Leron Amin says

      November 15, 2017 at 9:31 am

      Hi Bimbimz,
      Just put a # sign next to the certificate file paths in the .conf file, or delete them.
      You can delete the Certbot and LetsEncrypt files and directories by using the commands from the Linux commands list.
      I hope this answers your question.
      Joe

      Reply
      • Bimbimz says

        November 16, 2017 at 9:30 pm

        yes it helps,

        I have another question:
        I tried to use SSL from comodo, and I have trouble setting it up in:

        sudo nano /opt/bitnami/apache2/conf/bitnami/bitnami.conf
        sudo nano /opt/bitnami/apps/wordpress/htdocs/wp-config.php

        and this is my setting:

        SSLCertificateFile “/opt/bitnami/apache2/conf/comodo/server.crt”
        SSLCertificateKeyFile “/opt/bitnami/apache2/conf/comodo/server.key”
        SSLCertificateChainFile “/opt/bitnami/apache2/conf/comodo/mydomain.ca-bundle”

        can you help me master?

        Reply
        • Leron Amin says

          November 20, 2017 at 10:53 am

          Hi Bimbimz,
          I only offer support for configuring Let’s Encrypt certificates as shown in this tutorial.
          If you’re curious on how to install Comodo certificates, check out this tutorial.
          Hope this helps,
          Joe

          Reply
    • Leron Amin says

      November 15, 2017 at 9:31 am

      Hi,
      Just put a # sign next to the certificate file paths in the .conf file, or delete them.
      You can delete the Certbot and LetsEncrypt files and directories by using the commands from the Linux commands list.
      I hope this answers your question.
      Joe

      Reply
  35. Jonathan says

    November 10, 2017 at 6:52 am

    Worked perfectly, thank you so so much!

    Reply
    • Leron Amin says

      November 10, 2017 at 8:03 am

      Hi Jonathan,
      I’m glad to hear it worked for you!
      Thanks,
      Joe

      Reply
  36. Anthony says

    November 5, 2017 at 12:19 am

    Hi Joe,

    Great tutorial! I got the SSL to work on my main site. Just wondering how I go about setting up SSL to work on subdomains and mapped domains that exist now and in future when I add more mapped domains?

    This is my setup:

    In wordpress:
    rocketwebber.com is my main domain running on multisite.

    example1.rocketwebber.com is a subdomain mapped to example1.com

    In google:
    I have zone name rocketwebber.com and example1.com

    example1.com has an A record that points to the IP for rocketwebber.com

    rocketwebber.com has an A record: example1.rocketwebber.com that points to the IP for rocketwebber.

    Please help

    Reply
    • Leron Amin says

      November 13, 2017 at 12:23 pm

      Hi Anthony,

      For securing multiple top-level and subdomains in a multisite installation, you will have to install the Domain Mapping plugin. Also, check out the Bitnami Multisite documentation about how to properly configure SSL.

      Configuring multiple domains with SSL on single virtual machines is complicated and usually takes some trial and error. Anyways, check out the link above, it should point you in the right direction. Let me know if you have any questions.

      Talk to you soon, 🙂
      Joe

      Reply
  37. Conor says

    October 24, 2017 at 8:37 am

    Hey Folks,
    So followed the tutorial, everything seemed to work perfectly. It shows in wordpress, https:// mydomain.com secure.
    However, when I do an ssl checker on it I get the following warnings below:

    1. The certificate is self-signed. Users will receive a warning when accessing this site unless the certificate is manually added as a trusted certificate to their web browser. You can fix this error by buying a trusted SSL certificate

    2. None of the common names in the certificate match the name that was entered (www.mydomain.com). You may receive an error when accessing this site in a web browser. Learn more about name mismatch errors.

    As it shows the cert has been created but it still shows up in the browser that it url is insecure.
    Wondering if anyone has had the same problems before?

    Thanks very much 🙂

    Reply
  38. Conor says

    October 23, 2017 at 4:00 am

    Hey guys,
    Awesome tutorial! I would like to add subdomains to my domain and get the certbot to issue a cert for both the domain and the subdomains. Is the easiest way to just add the domains after directory like so: -d domain.com, subdomain1.domain.com, subdomain2.com and so?

    Thanks very much

    Reply
    • Leron Amin says

      October 23, 2017 at 4:24 pm

      Hey Conor,

      The format would be -d one.example.com -d two.example.com -d three.example.com

      Hope this answers your question!
      Joe

      Reply
      • Conor says

        October 24, 2017 at 3:19 am

        Thanks Leron, spot on!

        Reply
  39. Shadman Alam says

    October 20, 2017 at 2:58 pm

    Hey Leron,

    I follow your step but unfortunately my website is totally down and not opening while i try to install ssl certificate.
    I follow your each step but when in i use this command nly –webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d teh1one.com -d http://www.tech1one.com
    I found error NXDOMAIN

    Please help me out i totally helpless. I try my best to resolve my issue always facing same issue that create A/AAA record i already created all the records but i unable to install ssl certificate and also unable to open my website.

    Please help me out this.

    Reply
    • Leron Amin says

      October 20, 2017 at 6:44 pm

      Hi Shadman,
      You have misspelled tech1one in your certificate issuing command.
      Fix that and you likely won’t see that error anymore.
      Let me know if you have any other questions.
      Thanks,
      Joe

      Reply
      • Shadman Alam says

        October 20, 2017 at 9:54 pm

        Actually misspelled only here on my comment but when i write the code on VM Console i write exactly my domain name.

        While issuing certificate always give same error message.

        Please help me out.

        Reply
        • Leron Amin says

          October 21, 2017 at 1:44 am

          Hi Shadman,
          The causes of the error are likely that your DNS is not configured properly, that your Domain hasn’t resolved to your new website on GCP, or that the certificate issuing command isn’t being executed properly. What I would do is go over the links at the top of the tutorial page and make sure that you completed each of the 3 pre-requisite tutorials successfully. Check for any errors etc.
          You may also have to do some troubleshooting on StackOverflow and Google.
          Hope this information is helpful! 😀
          Talk to you soon,
          Joe

          Reply
  40. M Clouds says

    October 20, 2017 at 4:56 am

    I would love to see these tutorials continue with setting up Google Cloud CDN!

    Reply
    • Leron Amin says

      October 20, 2017 at 11:49 am

      Hi M Clouds,
      That tutorial will be published soon – stay tuned! 😀
      Joe

      Reply
  41. Matheus Santana says

    October 19, 2017 at 8:13 pm

    Hello Leron,

    I change the domain of my site, and I’m getting troubles to install a new ssl cert because the older domain cert.. How I remove this to install a new cert??

    The new domain is empregobahia.com

    Reply
    • Leron Amin says

      October 19, 2017 at 11:25 pm

      Hey Matheus,
      You can simply redo the tutorial: the Certbot client will ask if you want to overwrite your old certificates – choose “Yes”.
      Also – make sure that when you re-do each step, you use your new domain name and not your old one.
      Let me know if you have any questions 😀
      Joe

      Reply
      • Matheus Santana says

        October 20, 2017 at 2:37 pm

        I’m getting this error when I try install the certificate in new domain…

        What I’ve to do?

        IMPORTANT NOTES:
        – The following errors were reported by the server:
        Domain: empregobahia.com
        Type: connection
        Detail: Fetching
        http://www.empregobahia.com/.well-known/acme-challenge/ndukTUUaegNI7gmVgtwMv7L_u-6fN0Xuzf4qgjRpU_w:
        Error getting validation data
        Domain: http://www.empregobahia.com
        Type: connection
        Detail: Fetching
        http://www.empregobahia.com/.well-known/acme-challenge/fGhD_SXVCPhLV5egw-4rhWGz5RA0Zr8S2nBP4H8vqIw:
        Error getting validation data

        To fix these errors, please make sure that your domain name was
        entered correctly and the DNS A/AAAA record(s) for that domain
        contain(s) the right IP address. Additionally, please check that
        your computer has a publicly routable IP address and that no
        firewalls are preventing the server from communicating with the
        client. If you’re using the webroot plugin, you should also verify
        that you are serving files from the webroot path you provided.

        Reply
        • Leron Amin says

          October 20, 2017 at 6:47 pm

          Hi Matheus,
          Are you using the right tutorial?
          Remember there are both Bitnami and Click-to-Deploy tutorials. If you are using Click-to-Deploy, you need to make sure that all future tutorials are designed for Click-to-Deploy. The same goes for Bitnami.
          Talk to you soon, 🙂
          Joe

          Reply
          • Matheus Santana says

            October 20, 2017 at 7:21 pm

            Good News!! I found the error

            Was the line

            ServerName http://www.mydomain.com
            ServerAlias mydomain.com
            Redirect / https://www.mydomaincom/

            I removed this line and installed the new cert…

            Everything is normal now…. Buuuut at /wp-admin appear not secure.

            What can it be?

            Joe!

          • Leron Amin says

            October 21, 2017 at 1:36 am

            Hi Matheus,
            It is usually caused by an insecure content error, as shown in step 1 of this tutorial. As the tutorial shows, you will have to inspect the page and see which element is causing the error.
            Hope this helps! 😀
            Joe

  42. Peter says

    October 3, 2017 at 2:59 am

    This is the full step i go through. Please take a look and see which step i go wrong.

    1, Install CertBot Client
    2, Generate Certificates
    3, Test Certificate Renewal

    & i got the result like this:
    IMPORTANT NOTES: – Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/badmintonvillage.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/badmintonvillage.com/privkey.pem Your cert will expire on 2018-01-01.

    5, Setup Auto-Renewal
    & i got the result like this:
    Congratulations, all renewals succeeded. The following certs have been renewed

    6, Configure the Certificates
    I have added servername, serverAlias, Redirect (my actual domain)

    DocumentRoot “/opt/bitnami/apache2/htdocs”

    ServerName http://www.mydomain.com
    ServerAlias mydomain.com
    Redirect / https://www.domain.com/

    & I have added # sign next to each of the two placeholder certificates & paste the path to your three SSL certificate files
    #SSLCertificateFile “/opt/bitnami/apache2/conf/server.crt”
    #SSLCertificateKeyFile “/opt/bitnami/apache2/conf/server.key”
    SSLCertificateFile “/etc/letsencrypt/live/mydomain.com/cert.pem”
    SSLCertificateKeyFile “/etc/letsencrypt/live/mydomain.com/privkey.pem”
    SSLCertificateChainFile “/etc/letsencrypt/live/mydomain.com/chain.pem”

    7, Update Domain URLs
    Then i REPLACE THIS:

    define(‘WP_SITEURL’, ‘http://’ . $_SERVER[‘HTTP_HOST’] . ‘/’);
    define(‘WP_HOME’, ‘http://’ . $_SERVER[‘HTTP_HOST’] . ‘/’);

    WITH THIS:

    define(‘WP_HOME’,’https://www.mydomain.com’);
    define(‘WP_SITEURL’,’https://www.mydomain.com’);

    8, Restart Apache Server by this code: sudo /opt/bitnami/ctlscript.sh restart apache

    Result:
    restart apacheUnmonitored apacheAH00526: Syntax error on line 53 of /opt/bitnami/apache2/conf/bitnami/bitnami.conf:SSLCertificateFile: file ‘/etc/letsencrypt/live/ badmintonvillage.com/cert.pem’ does not exist or is emptyapache config test fails, abortingAH00526: Syntax error on line 53 of /opt/bitnami/apache2/conf/bitnami/bitnami.conf:SSLCertificateFile: file ‘/etc/letsencrypt/live/ badmintonvillage.com/cert.pem’ does not exist or is emptyapache config test fails, abortingMonitored apache

    But Eventually couldn’t Work properly. It mentioned that letsencrypt/live/ badmintonvillage.com/cert.pem’ does not exist.

    Thank You Very Much!

    Reply
    • Leron Amin says

      October 3, 2017 at 10:28 am

      Hey Peter,

      All of the text that says mydomain.com needed to be replaced with you own domain name, which in this case is badmintonvillage.com.
      You will need to go back through the tutorial and fix steps 6 & 7 and make sure badmintonvillage is listed in the place of mydomain.

      Also, make sure a cert.pem was actually generated. You can check by executing the following command in your SSH terminal:
      ls /etc/letsencrypt/live/badmintonvillage.com/

      The folder should show around 4 certificate files, one of them being cert.pem.

      Let me know if you have any questions, 🙂
      Joe

      Reply
      • Peter says

        October 3, 2017 at 8:26 pm

        Dear Joe,

        Thanks for your reply,

        I have updated the domain to badmintonvillage.com & redo configuring the certificates & update the domain URL.

        However, when i put the command: ls /etc/letsencrypt/live/badmintonvillage.com/

        The result shows:
        ls: cannot access /etc/letsencrypt/live/badmintonvillage.com/: Pe
        rmission denied

        Reply
        • Leron Amin says

          October 3, 2017 at 9:09 pm

          Hey Peter – my bad… try running the command as sudo:

          sudo ls /etc/letsencrypt/live/badmintonvillage.com/

          Talk to you soon, 🙂
          Joe

          Reply
          • Peter says

            October 3, 2017 at 9:24 pm

            Thanks for your reply!

            After typing the command: sudo ls /etc/letsencrypt/live/badmintonvillage.com/

            The Result:
            ~$ sudo ls /etc/letsencrypt/live/
            badmintonvillage.com/
            cert.pem chain.pem fullchain.pem privkey.pem README
            starwargift@badmintonvillage-vm:~$

            Still not successfully get the SSL

          • Leron Amin says

            October 3, 2017 at 9:56 pm

            Hey Peter,

            I need you to copy some text and send me it to me.

            Will you please open your bitnami.conf folder using the following command:
            sudo nano /opt/bitnami/apache2/conf/bitnami/bitnami.conf

            Next, copy the 3 lines at the top of the page that look similar to this: (Important: DO NOT type CTRL+C in nano, to copy, simply highlight the text and it will copy automatically)
            ServerName http://www.1pagezen.com
            ServerAlias 1pagezen.com
            Redirect / https://www.1pagezen.com/

            Next, scroll down the page, and copy the three lines of code that look similar to this:

            SSLCertificateFile “/etc/letsencrypt/live/1pagezen.com/cert.pem”
            SSLCertificateKeyFile “/etc/letsencrypt/live/1pagezen.com/privkey.pem”
            SSLCertificateChainFile “/etc/letsencrypt/live/1pagezen.com/chain.pem”

            Please send me all of the 6 lines of code as they appear in your file.

            I will look over the code and make a recommendation from there.

            Talk to you soon, 😀
            Joe

          • Peter says

            October 3, 2017 at 10:40 pm

            Dear Joe,

            The situation now is my web will auto show https, but the green lock doesn’t show up.

            The 3 lines at the top of the page of this command: sudo nano /opt/bitnami/apache2/conf/bitnami/bitnami.conf

            ServerName http://www.badmintonvillage.com
            ServerAlias badmintonvillage.com
            Redirect / https://www.badmintonvillage.com/# Default Virtual Host configuration.

            The 3 line at the middle:

            SSLCertificateFile “/etc/letsencrypt/live/badmintonvillage.com/cert.pem”
            SSLCertificateKeyFile “/etc/letsencrypt/live/badmintonvillage.com/privkey.pem”
            SSLCertificateChainFile “/etc/letsencrypt/live/badmintonvillage.com/chain.pem”

          • Leron Amin says

            October 3, 2017 at 11:29 pm

            Hey Peter,

            That looks good.

            I ran an SSL report on your certificates, and it’s showing that your certificates were issued for example.com.

            You will likely need to re-issue the certificates using the following command:
            ./certbot-auto certonly –webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d badmintonvillage.com -d http://www.badmintonvillage.com

            The above command is from step 3 of the tutorial – it’s the only step you need to repeat.

            You won’t need to change anything in your bitnami.conf since the file paths will remain the unchanged.

            Let me know once you’ve done this.

            Talk to you soon, 🙂
            Joe

          • Peter says

            October 3, 2017 at 11:37 pm

            Dear Joe,

            Thanks for your reply!

            Still cant connect to SSL. The result shows:

            Connected, host fingerprint: ssh-rsa 2048 A3:B3:9A:E2:2E:7B:A3:96:DC:21:C4:D0:E7:72:71:99:87:1B:4F:AC

            The programs included with the Debian GNU/Linux system are free software;
            the exact distribution terms for each program are described in the
            individual files in /usr/share/doc/*/copyright.

            Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
            permitted by applicable law.
            ___ _ _ _
            | _ |_) |_ _ _ __ _ _ __ (_)
            | _ \ | _| ‘ \/ _` | ‘ \| |
            |___/_|\__|_|_|\__,_|_|_|_|_|

            *** Welcome to the Bitnami WordPress 4.8.2-0 ***
            *** Documentation: https://docs.bitnami.com/google/apps/wordpress/ ***
            *** https://docs.bitnami.com/google/ ***
            *** Bitnami Forums: https://community.bitnami.com/ ***
            starwargift@badmintonvillage-vm:~$ ./certbot-auto certonly –webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d badmintonvillage.com -d http://www.badmintonvillage.com
            Requesting to rerun ./certbot-auto with root privileges…
            Requested name http://www.badmintonvillage.com appears to be a URL, not a FQDN. Try again without the leading “http://”.
            starwargift@badmintonvillage-vm:~$

          • Leron Amin says

            October 4, 2017 at 12:11 am

            Hey Peter,

            The domains in the command that I sent you SHOULD NOT have an http or https in front of them.

            Annoyingly, the http and https prefixes are added automatically when posting comments on WordPress.

            Try re-issuing the command but make sure the commands after each -d DO NOT include http or https, simply with www or without www.

            ./certbot-auto certonly –webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d badmintonvillage.com -d http://www.badmintonvillage.com

            Talk to you soon, 😀
            Joe

          • Peter says

            October 4, 2017 at 12:28 am

            Dear Joe,

            I have removed the HTTP / HTTPS on the command.
            The web still cant access SSL while the result said that Certbot can obtain and install HTTPS/TLS/SSL certificates.

            The result:
            Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
            it will attempt to use a webserver both for obtaining and installing the
            certificate.
            certbot: error: unrecognized arguments: –webroot
            starwargift@badmintonvillage-vm:~$ ./certbot-auto certonly –webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d badmintonvillage.com -d http://www.badmintonvillage.com
            Requesting to rerun ./certbot-auto with root privileges…
            usage:
            certbot-auto [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] …

            Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
            it will attempt to use a webserver both for obtaining and installing the
            certificate.
            certbot: error: unrecognized arguments: –webroot
            starwargift@badmintonvillage-vm:~$

          • Leron Amin says

            October 4, 2017 at 12:37 am

            Hey Peter,

            Try again, but this time copy and paste the command from the tutorial itself, don’t copy and paste it from my comments.

            The comments on WordPress aren’t formatted as standard HTML (which is what is in the grey boxes in the tutorial); that’s why the “-” symbol in front of webroot isn’t being recognized by your SSH terminal.

            Talk to you soon, 🙂
            Joe

          • Peter says

            October 4, 2017 at 12:52 am

            Dear Joe,
            I type the command: ./certbot-auto certonly –webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d badmintonvillage.com -d http://www.badmintonvillage.com and it required me to reset the certificate, and i click yes. However, still not works for getting the SSL.

            The Result shows :
            – Congratulations! Your certificate and chain have been saved at
            :
            /etc/letsencrypt/live/badmintonvillage.com/fullchain.pem
            Your key file has been saved at:
            /etc/letsencrypt/live/badmintonvillage.com/privkey.pem
            Your cert will expire on 2018-01-02. To obtain a new or tweake
            d
            version of this certificate in the future, simply run certbot-
            auto

          • Leron Amin says

            October 4, 2017 at 1:05 am

            Peter,

            Did you restart your server? Run the following command in the terminal:
            sudo /opt/bitnami/ctlscript.sh restart apache

            Talk to you soon, 😀
            Joe

          • Peter says

            October 4, 2017 at 2:57 am

            Dear Joe,

            After putting the restart command, i put the step 3 command again. And then restart again. Still cant access SSL.

            The result:
            – Congratulations! Your certificate and chain have been saved at:
            /etc/letsencrypt/live/badmintonvillage.com/fullchain.pem
            Your key file has been saved at:
            /etc/letsencrypt/live/badmintonvillage.com/privkey.pem
            Your cert will expire on 2018-01-02. To obtain a new or tweaked

          • Leron Amin says

            October 4, 2017 at 5:02 pm

            Hey Peter,

            Your certificates are still not showing up as configured properly, but I know that isn’t the case because I’ve ruled that out.

            For this reason, this points to an error in your Apache configuration, possibly in your bitnami.conf file.

            If you’d still like support, please send me the entire contents of your bitnami.conf file and I will take a look at it.

            Please send it to support@onepagezen.com.

            Talk to you soon,
            Joe

  43. Peter says

    October 3, 2017 at 2:08 am

    When i Restart Apache Server

    It shown up:
    Unmonitored apache
    AH00526: Syntax error on line 53 of /opt/bitnami/apache2/conf/bit
    nami/bitnami.conf:
    SSLCertificateFile: file ‘/etc/letsencrypt/live/ badmintonvillage
    .com/cert.pem’ does not exist or is empty
    apache config test fails, aborting
    AH00526: Syntax error on line 53 of /opt/bitnami/apache2/conf/bit
    nami/bitnami.conf:
    SSLCertificateFile: file ‘/etc/letsencrypt/live/ badmintonvillage
    .com/cert.pem’ does not exist or is empty
    apache config test fails, aborting
    Monitored apache
    starwargift@badmintonvillage-vm:~$

    Reply
    • Rob says

      November 17, 2017 at 4:01 am

      Hi Leron, I am having the same issue as Peter on all my sites I try to do this with. Are you sure its not an error with the tutorial?

      Reply
      • Leron Amin says

        November 20, 2017 at 10:30 am

        Hi Rob,
        I’ve worked through this tutorial several times, and it works fine. However, the last time I ran through the tutorial I encountered the issue that you described and the way I solved it was by changing the permission level on the certificate directory. I will run through the tutorial again and see if I can reproduce the issue to give you a more thorough documentation on how to avoid/fix it.
        Thanks for pointing this out. 🙂
        Joe

        Reply
        • CJ says

          March 13, 2018 at 12:38 pm

          What permission level did you set the certificate directory to? I’m currently having this issue.

          Results from running apachectl configtest:

          AH00526: Syntax error on line 58 of /opt/bitnami/apache2/conf/bitnami/bitnami.conf:
          SSLCertificateFile: file ‘/etc/letsencrypt/live/mydomain.com/cert.pem’ does not exist or is empty

          It does exist and it’s not empty because I checked running :

          sudo nano /etc/letsencrypt/live/mydomain.com/cert.pem

          While using FTP I’m unable to open the /etc/letsencrypt/live folder as bitnami user. Current permissions are:

          700 root root

          Would love to get this solved.

          Thanks,

          CJ

          Reply
          • CJ says

            March 13, 2018 at 1:09 pm

            Figured it out.

            I ran:

            sudo chmod 755 /etc/letsencrypt/live

            sudo chmod 755 /etc/letsencrypt/archive

            apachectl configtest

            sudo /opt/bitnami/ctlscript.sh restart apache

            My SSL is now active. Hope this helps someone.

            Let me know if this looks okay, Leron.

            Peace

          • Leron Amin says

            March 13, 2018 at 3:05 pm

            Hi CJ,

            Looks good – I am glad you were able to get the issue resolved.

            Did you change the file permissions initially? I’m interested because this isn’t an issue that I see regularly.

            Talk to you soon,
            Joe

          • Leron Amin says

            March 13, 2018 at 2:53 pm

            Hi CJ,

            This syntax error is usually caused by there being extra ‘spaces’ after your file paths.

            So go to line 58, where each of your 3 certificate file paths are listed, and make sure there are no extra spaces after each of the 3 file paths.

            Let me know if you have any questions,
            Joe

          • CJ says

            March 13, 2018 at 4:18 pm

            Not that I recall, haven’t changed anything since I originally set it up.

          • Leron Amin says

            March 15, 2018 at 12:41 am

            Thanks for letting me know CJ!

  44. Chris says

    September 29, 2017 at 11:23 pm

    Hi, thanks very much for the helpful tutorial! When trying to obtain a new certificate, I got the following error. Any help is appreciated.

    Chris

    Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for globalgocare.com
    http-01 challenge for http://www.globalgocare.com
    Using the webroot path /opt/bitnami/apps/wordpress/htdocs for all unmatched domains.
    Waiting for verification…
    Cleaning up challenges
    Failed authorization procedure. http://www.globalgocare.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficien
    t authorization :: Invalid response from http://www.globalgocare.com/.well-known/acme-challenge/JnaGPMHqkk2puEIPHBtnhHtsy
    OxwuxbIJA6jbSuTwyc: ”

    <meta name="viewport" content="width="
    IMPORTANT NOTES:
    – The following errors were reported by the server:
    Domain: http://www.globalgocare.com
    Type: unauthorized
    Detail: Invalid response from
    http://www.globalgocare.com/.well-known/acme-challenge/JnaGPMHqkk2puEIPHBtnhHtsyOxwuxbIJA6jbSuTwyc:
    "

    <meta name="viewport" content="width="
    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain

    Reply
    • Chris says

      September 29, 2017 at 11:24 pm

      above should end with “contain(s) the right IP address.”

      Reply
      • Chris says

        September 30, 2017 at 9:43 am

        Joe, I also did your tutorial on domain name configuration and did that work and everything went fine. I’m noticing a thread there “From Google Cloud Platform dashboard, go to cloud DNS. Check your IP address of your A record. Go to your VM instance page, look at the IP address of the VM instance that is running your WordPress website. Do they match?” I’m using the Bitnami click to deploy app. I don’t have a cloud DNS zone. Let me know if that’s part of my problem. Thanks.

        Reply
        • Chris says

          September 30, 2017 at 9:43 am

          My domain registrar is Google.

          Reply
          • Leron Amin says

            October 1, 2017 at 2:08 pm

            Hi Chris,

            You need to have a DNS zone that is managing the IP/domain that is running your instance, as shown in this tutorial. What the certbot error is essentially saying is, “the nameservers of this domain aren’t connected to your Google Cloud Platform account, so for that reason you don’t have permission to issue certificates for that domain”.

            Take a look at the tutorial that I sent you in the link, and after you’ve completed that let me know if you have any questions.

            Best regards, 🙂
            Joe

          • Chris says

            October 1, 2017 at 2:55 pm

            You’re very kind, and I’m pretty inexperienced in this! I followed your directions for transferring the domain name and reserving a static IP address. But my site isn’t available now. I assume it’s related to the following: when I change the name servers at Google Domains, I get the message, “It looks like you’ve changed your name servers. All settings for your domain (including website, email, synthetic records and resource records) are currently disabled. To enable these settings, you will need to restore the Google Domains name servers. ” Thanks for any help. Chris

          • Leron Amin says

            October 1, 2017 at 3:31 pm

            Hi Chris,

            When you changed your name servers on Google, you basically opted to manage your domain name through Google Cloud DNS instead of through Google domains.
            I think the issue with your website not loading likely has to do with your nameservers and DNS not being configured properly. In addition, make sure your WordPress domain name URLs are set to globalcare.com or http://www.globalcare.com. StackOverflow is also a great resource to use when troubleshooting a DNS configuration.

            Good luck, and let me know if I can be of further assistance. 🙂
            Joe

        • Chris says

          October 1, 2017 at 4:38 pm

          Joe, the site is up again, but with the “not secure” warning in the address bar, and the changes seem to have taken out my G-Suite email, which may be part of the coordination problem. I don’t want to take advantage of your good will here, and would be OK paying you to go through my settings with me and get everything on track. Let me know. Thanks, Chris

          Reply
          • Leron Amin says

            October 2, 2017 at 1:20 pm

            Hi Chris,

            I sent you an email requesting images from your Cloud DNS, Google Domains DNS, and Cloud VM instances page. I will take a look at the images to see if there are any basic issues that can be quickly and easily resolved.

            Talk to you soon,
            Joe

          • Chris says

            October 3, 2017 at 4:11 pm

            All set up with a SSL Cert and G Suite functioning well. Thanks for all the help!

          • Leron Amin says

            October 3, 2017 at 4:33 pm

            Hey Chris,

            I am glad to hear that everything is working well! 🙂

            Let me know if you ever have questions or suggestions for future tutorials!

            Best,
            Joe

  45. Georgi says

    September 29, 2017 at 5:21 pm

    Hi Leron
    Thanks for your reply.
    I have connection via sftp but the problem is probably permissions. I can see the files but I am able to download only some of them but not the keys.
    I am afrate if I change the permissions to sub files and folders they may be different permissions in each of them. I am afrate to not mestup all of them.
    Best regards

    Reply
    • Leron Amin says

      October 1, 2017 at 2:03 pm

      Hey Georgi,

      What you could do is just change only the permissions of the file that you want to edit, within the SSH terminal as shown in this tutorial. Change permissions to 777, download and edit the file (or whatever you want to do with it), and then change the permissions back.

      Hope this answers your question! 🙂
      Joe

      Reply
  46. Raj says

    September 29, 2017 at 3:14 pm

    Where ssl certificate store in google compute wordpress Bitnami. I want installed ssl certificate but I don’t know where is save certificate. I’m installing certificate suggested step by you. please Email me root name where ssl store.

    Reply
    • Raj says

      September 29, 2017 at 3:18 pm

      and please suggest how to enable google cdn for compute engine (wordpress by Bitnami) & setup Load balancing…….

      Thanks for very helpful articles

      Reply
      • Leron Amin says

        September 29, 2017 at 4:28 pm

        Hey Raj,
        The load balancing and CDN tutorials are in the making.
        They’ve been difficult tutorials to simplify, so that’s why they are taking awhile to make.
        Stay tuned, and make sure to join the mailing list to be notified when the tutorials are released!
        Talk to you soon,
        Joe

        Reply
    • Leron Amin says

      September 29, 2017 at 4:26 pm

      Hey Raj,
      All of your SSL certificates are located in the folder located at: /etc/letsencrypt/live/YOURDOMAIN.com/
      You can view each of the certificate files by executing the command: ls /etc/letsencrypt/live/YOURDOMAIN.com/
      Remember to replace YOURDOMAIN.com with your own domain name.
      If you want to download the certificates, you can use an FTP client such as FileZilla to locate and download the certificate files (see this tutorial).
      Let me know if this answers your question.
      Talk to you soon, 😀
      Joe

      Reply
  47. Georgi says

    September 29, 2017 at 1:30 am

    Hi Leron
    thank you for you great tutorials! Everything works just fine! Thank you for you quick responds as well!
    I have just one question regarding ssl on google cloud. I can not backup the ssl key as I suppose to do following the tutorials for some premision reasons I guess. Can you help out with that?
    Thank you in advance
    Best regards

    Reply
    • Leron Amin says

      September 29, 2017 at 4:08 pm

      Hey Georgi,
      I am glad everything is working fine!
      Are you looking to backup your SSL certificate files?
      You can open up the files and and copy and paste the contents in to a text editor – then save the file with the correct file extension (.pem).
      The other thing you can do is download the files via FTP, which I set up in this tutorial.
      Let me know if this answers you question. 😀
      Talk to you soon,
      Joe

      Reply
  48. Benjamin Waller says

    September 25, 2017 at 7:14 pm

    Hello Joe,

    Thanks for this tutorial. It is really helpful and I will try this out. There were a few decisions that you made that prompted some questions. Such as why do you prefer to use ‘www’ when setting up your wp-config.php file? Also, should I upload all images to the site before setting up the ssl certificate or doesn’t it matter ? Sorry if I have asked you this one before but I am still a unsure how images are treated for ssl.

    Thanks for your help.
    Ben

    Reply
    • Leron Amin says

      September 25, 2017 at 10:59 pm

      Hey Benjamin,

      I hope you’ve been well! I was happy to see your name popup in the comment feed. 🙂

      Regarding your first question – I just personally prefer to use www. with my domains, but you can find a million arguments on the internet arguing that www is better than non-www for SEO, and vise versa. Honestly, I don’t think it matters one way or the other as long as you choose one and stick with it.

      As far as uploading images is concerned, I would recommend uploading your pictures after you’ve completed the tutorial, as this will save you from having to change your image URLs later on.

      Also, before starting the tutorial, I would recommend taking a snapshot of your instance as a backup, according to step 1 only of this tutorial.

      Let me know if you run into any issues with the tutorial, as I would be more than happy to help you through them.

      Talk to you soon!
      Joe

      Reply
  49. Leron Amin says

    September 16, 2017 at 5:01 pm

    What did you think of this revised version of the Bitnami SSL certificate tutorial?
    Did you find it easier, more challenging, not much different?
    Please share your questions and comments below!
    Thanks,
    Joe

    Reply
    • Daniel says

      October 16, 2017 at 11:14 pm

      I found it perfect. Helped me a lot just when I almost gave up. I was thinking that I would need to change back to HTTP and had no idea how to do that with this bitnami installation. When I found your tutorials it changed my day to great. Truly thanks

      Reply
      • Leron Amin says

        October 16, 2017 at 11:31 pm

        Glad it helped you, Daniel! 😀
        Thanks for sharing your experience!

        Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Want Exclusive Tutorials?

Welcome to One Page Zen!

Through this blog I hope to introduce web developers to cloud computing!

© 2018 One Page Zen | Powered by Genesis | Contact | Sitemap | Legal | Privacy Policy | Affiliate Disclosure
Share this Article

Email sent!