AWS Bitnami WordPress SSL Configuration
All configuration files for bitnami reside under /opt/bitnami/apache2/conf/* and log files under /opt/bitnami/apache2/logs/*.
Following command is used, to stop, start and restart servers sudo /opt/bitnami/ctlscript.sh start|stop|restart (apache, mysql)
To configure SSL certificate on your WordPress site you would require 3 files:
- Server.key: Private key which was used to generate csr, use the following command to extract key-without phrase: openssl rsa -in server.key -out “NewKeyFile.key” -passin pass:<passphrase>
- Server.crt: SSL certificate (download and rename 2_yourwebsitename.crt files provided by StartCom)
- Server-ca.crt: Certificate Chain (download and rename 1_root_bundle.crt files provided by StartCom)
For my personal site, I decided to use free SSL certificate provided by StartCom but if you have bought certificates from network solutions, please do the following:
- Server.key- Extract Key from .pfx file:
- openssl pkcs12 -in <name>.pfx -nocerts -out key.pem -nodes
- openssl rsa -in key.pem -out <name>.key
- Server-ca.crt – For the certificate chain, Combine files provided by network solution in the following order:
- OV_NetworkSolutionsOVServerCA2
- OV_USERTrustRSACertificationAuthority
- AddTrustExternalCARoot
- Server.crt – Certificate file provide by network solutions.
Upload all 3 files under /opt/bitnami/apache2/conf/ folder.
Now modify /opt/bitnami/apache2/conf/bitnami/bitnami.conf file:
Redirect all requests to HTTPS:
- <VirtualHost _default_:80>
- DocumentRoot “/opt/bitnami/apache2/htdocs”
- RewriteEngine On
- RewriteCond %{HTTPS} !=on
- RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
And add certificate chain file:
- <VirtualHost _default_:443>
- DocumentRoot “/opt/bitnami/apache2/htdocs”
- SSLEngine on
- SSLCertificateFile “/opt/bitnami/apache2/conf/server.crt”
- SSLCertificateKeyFile “/opt/bitnami/apache2/conf/server.key”
- SSLCertificateChainFile “/opt/bitnami/apache2/conf/server-ca.crt”
Finally restart the apache server:
sudo /opt/bitnami/ctlscript.sh restart apache
