SSL installation challenge in Ubuntu 18.04 nginx/1.19.1 with GCP Compute engine

Help
1

Dear friends, Hope you doing awesome!
I am trying to activate my SSL Certificate on my GCP compute instance where I am running my WordPress website with nginx/1.19.1 and Ubuntu 18.04 LEMP setup, I am trying to activate the SSL using below procedure and it went well, however, the website didn’t open even in HTTP mode after complete the procedure as per below blog

[https://www.cloudbooklet.com/install-web-apps-with-ssl-certificate-on-google-cloud-platform/]

I am also uploading my Nginx config file for your kind help here.

Thanks for your help :grinning:

2

Hi,

There’s not that much information for the link you provided. (and i didn’t see your nginx file)

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

3

Hi,
Please find the required details here

1.My domain is: ravindrabhargava.com

2.I ran this command: meetravi007@ravi-wordpress-cloud-blog:/etc/nginx/sites-available$ sudo nginx -t

3.It produced this output:
nginx: [warn] conflicting server name “www.ravindrabhargava.com” on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name “ravindrabhargava.com” on 0.0.0.0:80, ignored
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
meetravi007@ravi-wordpress-cloud-blog:/etc/nginx/sites-available$

4.My web server is (include version): NGINX
meetravi007@ravi-wordpress-cloud-blog:~$ nginx -v
nginx version: nginx/1.19.1

5.The operating system my web server runs on is (include version): Ubuntu 18.04

meetravi007@ravi-wordpress-cloud-blog:~$ uname -a
Linux ravi-wordpress-cloud-blog 5.3.0-1032-gcp #34~18.04.1-Ubuntu SMP Tue Jul 14 22:07:36 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

6.My hosting provider, if applicable, is: I am hosting by my own , using LEMP stack installed on VM running on Google cloud compute engine.

7.I can login to a root shell on my machine (yes or no, or I don’t know): Yes , using “sudo su -”

8.I’m using a control panel to manage my site (no, or provide the name and version of the control panel): I am using the command line on the server

  1. The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0 meetravi007@ravi-wordpress-cloud-blog:~ certbot --version certbot 0.31.0 meetravi007@ravi-wordpress-cloud-blog:~

You may download my NGINX config file here since I am not able to upload it here
[https://drive.google.com/file/d/1Nn6cp39cuz2vqgUzj54amkm_FQLY9qOX/view?usp=sharing]

4

Hi,

I think the reason your site can’t be opened is because your port 443 is not open or being filtered by a firewall.
First, check your GCP’s platform firewall: https://docs.bitnami.com/google/faq/administration/use-firewall/
Then, check your compute instance firewall (check iptables, firewalld or ufw)

P.S. I merged your configuration into one virtual host file: https://pastebin.com/5LVMg09i.
You might also have a duplicate virtual host configuration for your HTTP virtual host, you can run sudo nginx -T for a complete list of virtual host files currently in use and remove the duplicate for both hostnames.

Thank you

5

Hi,
Thanks for your guidance, I noticed that my ufw was not having HTTPs so I activated the Nginx https on my webserver

meetravi007@ravi-wordpress-cloud-blog:/etc/nginx$ sudo ufw status
Status: active

To Action From

Nginx HTTP ALLOW Anywhere
ALLOW Anywhere
Nginx HTTPS ALLOW Anywhere
Nginx HTTP (v6) ALLOW Anywhere (v6)
ALLOW Anywhere (v6)
Nginx HTTPS (v6) ALLOW Anywhere (v6)

meetravi007@ravi-wordpress-cloud-blog:/etc/nginx/sites-available$

After that I manage to redirect my all request to my https domain name, however, after using your config file I am still not able to activate my SSL yet, seems something still missing by me.
when I test it its perfectly fine now
meetravi007@ravi-wordpress-cloud-blog:/etc/nginx$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
meetravi007@ravi-WordPress-cloud-blog:/etc/nginx$

However my ssl still not working, when i refresh the browser page its shows a secure connection for a millisecond then again insecure.
Don’t know what else I should correct now
I am sending my nginx.cong, /conf.d/ravindrabhargava.com.conf and /site-available/ ravindrabhargava.com.conf for your kind review, please let me know how I can adjust these files now to activate SSL.

[https://drive.google.com/drive/folders/1wn4HggXJYI-k6lbuSHyC6MuiHM0RQPdy?usp=sharing]

Thank you very much for your help :grinning:

6

Hi,

You’ll need to adjust your WordPress settings since it’s mixed content issue. https://www.whynopadlock.com/results/56fbb65d-438e-4ad3-8083-22431f38bd2a

First, make sure to change your WordPress URL to https version (on your backend), then if you are using any content builder, you might need to change individual pictures as well.

7

Hi,
I think on mysql db its already updated as https but still I am not able to get secure connection
Kindly guide me

mysql> SELECT * FROM wp_options WHERE option_name = ‘home’;
±----------±------------±-----------------------------±---------+
| option_id | option_name | option_value | autoload |
±----------±------------±-----------------------------±---------+
| 2 | home | https://ravindrabhargava.com | yes |
±----------±------------±-----------------------------±---------+
1 row in set (0.00 sec)

mysql>
mysql>
mysql>
mysql> SELECT * FROM wp_options WHERE option_name = ‘siteurl’;
±----------±------------±-----------------------------±---------+
| option_id | option_name | option_value | autoload |
±----------±------------±-----------------------------±---------+
| 1 | siteurl | https://ravindrabhargava.com | yes |
±----------±------------±-----------------------------±---------+
1 row in set (0.00 sec)

mysql>

8

Thanks a lot for your support and guidance, I managed to activate my SSL now :grinning: :pray: :pray:

9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.