How to set up SSL on WordPress on an AWS Ubuntu EC2 instance using GoDaddy’s certificates.
After setting up your GoDaddy SSL certificate for your domain, and verifying it, you will be given the private key and CSR. After verification, you will have the option of downloading your certificates for various server types; choose “Apache”. This generates a zip download; save it to your computer.
Now copy the private key, the certificate (it should look like a random mix of numbers and letters, as a .pem file), and the certificate chain (it should look something like “gd_bundle-g2-g1.crt”) into your WordPress instance. Save them somewhere accessible in your instance.
First, you will need to update your WordPress settings to point to HTTPS. In your WordPress dashboard, go to Settings, then change the WordPress Address (URL) and Site Address (URL) from HTTP to HTTPS. Save it.
Create an Apache config file in “/etc/apache2/sites-available” named “example.com.conf” with the following contents:
<VirtualHost *:80>
    ServerName example.com
    ServerAlias www.example.com
    # Send all plain-HTTP requests to HTTPS
    Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost *:443>
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /var/www/html/
    Protocols h2 http/1.1
    # Redirect www to the bare domain
    <If "%{HTTP_HOST} == 'www.example.com'">
        Redirect permanent / https://example.com/
    </If>
    ErrorLog ${APACHE_LOG_DIR}/example.com-error.log
    CustomLog ${APACHE_LOG_DIR}/example.com-access.log combined
    SSLEngine On
    # Certificate, private key and CA bundle from the GoDaddy download
    SSLCertificateFile /home/ubuntu/cert.pem
    SSLCertificateKeyFile /home/ubuntu/private.key
    SSLCertificateChainFile /home/ubuntu/fullchain.crt
    SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
    # TLS 1.2 and newer only
    SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
    SSLCompression off
    <Directory /var/www/html/>
        Options FollowSymlinks
        AllowOverride All
        Require all granted
    </Directory>
    <Directory /var/www/html/>
        RewriteEngine on
        RewriteBase /
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteRule ^(.*) index.php [PT,L]
    </Directory>
</VirtualHost>
Edit the above config file to point to the proper locations for your GoDaddy certs, and change the example.com references to your own domain.
Now that the example.com configuration file is created, run the command below to enable it:
sudo a2ensite example.com.conf
Now enable the following modules:
sudo a2enmod ssl
sudo a2enmod headers
sudo a2enmod rewrite
Now restart Apache: sudo systemctl restart apache2
Change directory into /var/www/html/ and add the following to your .htaccess file (within <IfModule mod_rewrite.c>):
Options +FollowSymLinks
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_USER_AGENT} ^(.+)$
RewriteCond %{SERVER_NAME} ^example\.com$ [OR]
RewriteCond %{SERVER_NAME} ^www\.example\.com$
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
Header add Strict-Transport-Security "max-age=300"
Replace “example.com” with your domain. Save it. Then try to access your website.