Fil Nguyen

SSL and Cry

Good thing Google makes creating/tearing down containers is easy. It actually took like, 4 tries to get it right.

Why do SSL?

My plan is to eventually do E-Commerse through wordpress. Security is mandatory if you want to be trusted. See this little lock bar?

Not having that is a death sentence because anyone intercepting requests between us(You the reader and the server this site is on) is not securely encrypted.

Why cry?

Google doesn’t exactly make it easy to ensure your site is SSL secure like a lot of the other WordPress specific hosting sites. I don’t come from a networking or security background so I don’t really care how it works behind the scenes. It took me 4 tries to get it all right and the way I wanted it set up.

What worked?

I initially tried using Google’s One Click deploy but it’s basically all up to you in order to generate the SSL cert. I found out the application packaging company Bitnami just did WordPress way better… and since I wanted the multi site feature. I used

https://console.cloud.google.com/marketplace/product/bitnami-launchpad/wordpress-multisite

Since the main one use GCE, I’m trying to set it up within their free tier.

https://cloud.google.com/free/docs/free-cloud-features#compute

In order to use Bitnami’s script, you need a static IP (Google offers a way to convert ephemeral to static IPs on the UI) and also set up the DNS to your website. Since I use google domains, I just transferred it to Cloud DNS.

Here’s how you use the script

https://docs.bitnami.com/aws/how-to/generate-install-lets-encrypt-ssl/

The downside of the script is that it doesn’t let you create wildcarded SSL certs, so you basically need to create it for your main domain. I’d prefer wildcard so that I could set up WordPress like

  1. site1.filnguyen.com
  2. site2.filnguyen.com

and use a cert for any *.filnguyen.com site. They didn’t allow that so I made a workaround by having sites separated by subdirectories instead

  1. filnguyen.com/site1
  2. filnguyen.com/site2

I’m assuming I can have a separate domain and map filnguyen.com/site1 to a different domain. That’s a TODO but setting it up like this means any site under filnguyen.com will be SSL secured. The guide I followed to use subdirectories can be found here.

https://docs.bitnami.com/virtual-machine/apps/wordpress-multisite/administration/use-directories/

Those are my notes. Maybe I’ll create an actual guide or something later.

By

himynameisfil

Posted in

Reply

Your email address will not be published. Required fields are marked *