Compute Engine Google Cloud

Install FREE SSL Certificate for WordPress on Google Cloud – Click to Deploy

Install FREE SSL Certificate for WordPress on Google Cloud – Click to Deploy. This post, provides all steps to install Let’s Encrypt Certificate for your WordPress installation on Google Cloud with Click to Deploy.

Not using Click to Deploy? Choose a different Installation:

Click to Deploy

Prerequisites

  1. WordPress Installation using Click to Deploy.
  2. Setup Google Cloud DNS for your Domain name.

Click to Deploy WordPress Installation

Click to Deploy is a packaged application provider for many platforms. The Package contents of Click to Deploy installation of WordPress on Google Cloud is listed below.

  • Apache web server.
  • MySQL database.
  • PHP v7
  • phpMyAdmin.
  • Latest WordPress.

Connect to your Instance by SSH

Once you have all the prerequisites ready, you can connect your instance and access it using SSH.

Go to your Google Cloud Console and navigate to Compute Engine >> VM Instances.

Click the SSH button that’s at the right of your VM Instance.

Now a new terminal will be opened and connected to your VM Instance.

Install CertBot

Execute the following command to install Certbot Client which is used to generate SSL certificates.

wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto

Generate SSL Certificates

To generate new SSL certificates execute the following command.

Replace yourdomainname.com with your Domain name.

./certbot-auto certonly --webroot -w /var/www/html/ -d yourdomainname.com -d www.yourdomainname.com

Once you run the command, you need to enter your email address and accept the terms and conditions. Finally a set of certificated will be issued to you in this directory (/etc/letsencrypt/live/yourdomainanme.com).

Install FREE SSL Certificate

Edit your default-ssl.conf file and make the folowing changes.

sudo nano /etc/apache2/sites-available/default-ssl.conf

Paste the following code below the line ServerAdmin [email protected] to accept traffic on port 443

Replace yourdomainname.com with your Domain name.

<Directory /var/www/html/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>

Now scroll down below and find the default directives of SSLCertificateFile and SSLCertificateKeyFile

Comment the both lines by placing a # symbol at the starting of the line.

Paste the following certificates below the two lines.

SSLCertificateFile "/etc/letsencrypt/live/yourdomainname.com/cert.pem" 
SSLCertificateKeyFile "/etc/letsencrypt/live/yourdomainname.com/privkey.pem"
SSLCertificateChainFile "/etc/letsencrypt/live/yourdomainname.com/chain.pem"

So your output will be like this.

Output

#SSLCertificateFile "/etc/ssl/certs/conf/ssl-cert-snakeoil.pem"
#SSLCertificateKeyFile "/etc/ssl/private/conf/ssl-cert-snakeoil.key"
SSLCertificateFile "/etc/letsencrypt/live/yourdomainname.com/cert.pem"
SSLCertificateKeyFile "/etc/letsencrypt/live/yourdomainname.com/privkey.pem"
SSLCertificateChainFile "/etc/letsencrypt/live/yourdomainname.com/chain.pem"

Hit Ctrl+x followed by Y and Enter to save the file.

Apache HTTPS configuration

Now configure Apache to serve HTTPS requests only. Edit the wordpress.conf and delete all the lines in that file and paste the contents below.

sudo nano /etc/apache2/sites-available/wordpress.conf
<VirtualHost *:80>
ServerAdmin [email protected]
DocumentRoot /var/www/html
ServerName www.yourdomainname.com
ServerAlias yourdomainname.com
Redirect permanent / https://www.yourdomainname.com/

<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>

<Directory />
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/

<Directory />
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>

ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn

CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Update Domain URls

Go to your WordPress Dashboard and navigate to Settings > General and replace URLs with HTTPS.

Restart Apache server

For the changes to take effect you need to restart your Apache web server.

sudo a2ensite default-ssl
sudo a2enmod ssl
sudo service apache2 restart

Setup Auto-renewal

To setup auto-renewal for your certificate tou need to set up cronjob to check the certificate expiry and renew it automatically.

sudo mv certbot-auto /etc/letsencrypt/

Set up a cronjob.

sudo crontab -e

Choose 1 to select the nano editor.

Paste the following line to the last.

5 2 * * 6 cd /etc/letsencrypt/ && ./certbot-auto renew && /etc/init.d/apache2 restart

Hit Ctrl+X followed by Y and Enter to install the cronjob. This setting will check every week and renew the certificate which is close to expiry.

Conclusion

Now you have learned how to install FREE SSL Certificate for your WordPress with Click to Deploy on Google Cloud.

Thanks for your time. If you face any problem or any feedback, please leave a comment below.

Cloudbooklet builds a large collection of Linux based guides and tutorials on Cloud platforms like Google Cloud, AWS, Azure, DigitalOcean and more

Write A Comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.