SSL set-up through Compute Engine in GCP

GCP_Cloud


Basically, this method attaches SSL to a particular VM instance in a project. And for the implementation, we need server file access too.

  • Download SSL certificate from DNS provider or from purchased site.
  • unzip the folder –> it includes three files :
    • .crt file
    • .pem file
    • .bundle.crt file
  • You can rename these files for better identification (optional).
  • Add these files to the path /etc/ssl/certs (can access using filezilla).
  • In GCP –> go to Google Console –> your Project –> Compute Engine (can see on Hamburger menu click) –> VM instance –> select SSH corresponding to your VM instance.
  • For the certificate Configuration:
    sudo nano /etc/apache2/sites-available/default-ssl.conf
    • At the top of the default-ssl.conf file, paste the following lines of code in order to tell your server to direct network traffic to HTTPS port 443.
      <Directory /var/www/html/>
      Options Indexes FollowSymLinks MultiViews
      AllowOverride All
      Order allow,deny
      allow from all
      </Directory>
      The above code should be added in between ‘ServerAdmin webmaster@localhost’ and ‘DocumentRoot var/www/html ‘
    • The next step is to use the down-arrow key to scroll down towards the bottom of the default-ssl.conf file. Place a # sign next to the existing snakeoil certificates, and paste the path to your three SSL certificate files as shown below:
      SSLCertificateFile “/etc/ssl/certs/cert.pem”
      SSLCertificateKeyFile “/etc/ssl/certs/privkey.pem”
      SSLCertificateChainFile “/etc/ssl/certs/chain.pem”
  • For Enabling HTTPS redirect
    sudo nano /etc/apache2/sites-available/wordpress.conf
    Inside of the wordpress.conf file, delete the existing 3 lines of code at the top of the file. Then, copy and paste the code below into the file.

<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ServerName www.website.com
ServerAlias website.com
Redirect permanent / https://www.website.com/
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/html/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory “/usr/lib/cgi-bin”>
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

  • Restart Apache Server
    sudo a2ensite default-ssl
    sudo a2enmod ssl
    sudo service apache2 restart
  • Update WordPress URL
    In your browser, enter the URL (with https://) to your wp-admin dashboard.

Leave a comment

Your email address will not be published. Required fields are marked *