Journal Entry – 12.30.2016 – SSL for the blogs!

It is 6:37 AM.  I woke up around 3:30 AM and finished up ensuring SSL was set up correctly on my domain names.

Yesterday I finally had a breakthrough!  I have been trying to figure out, for well over a year now, how to make my websites SSL – or in other words, make them https with a green lock instead of just http.  I’m particularly pleased because I’ve done it with just two days to spare before Google starts to punish websites that are not encrypted and promote those that are.

See: Certificate Transparency Project

I’m still in a state of euphoria because I just could not get this to work for a very long time.  I learn by testing, reading forums and pretty much pressing buttons to see if something works or breaks.  Well, this was difficult to do with certificates because you either had to buy them, or could only get one for free and then they were a pain to install. You couldn’t test to see what worked because once you bought or got your one free certificate that was it!  If you had made a mistake with your info for the certificate you couldn’t correct it.  Let’s Encrypt has changed all this and made it so very easy!  Plus it is integrated with Synology making it a breeze.

Radagast Trance

The next part was figuring out how to get the certificates to work correctly with my websites located on the virtual host.  To be honest I don’t even remember what the breakthrough was, I was reading yet another forum about SSL, had a thought, and then went into a trance for two hours testing, refining and fixing things I broke.  Here is a guide that I wrote for myself so I can remember what I did the next time I need to do it.  Perhaps it will help someone who uses Synology with their own WordPress installation.

https for WordPress installation on Synology using Let’s Encrypt:

I. Let’s Encrypt:

a.) Create the security certificate using the following:
Domain Name: mydomain.com
E-mail: my@email.com
Subject Alternative Name: www.mydomain.com

b.) Highlight certificate and click configure. Make sure the certificate matches the same website in the virtual host

II. Change .htaccess file

Change .htaccess (don’t forget the . in front of htaccess).  What this does is force https instead of http on your site.  It should have these rules – this should be written inside the file.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

III. WordPress

1. General -> Settings: Change blog and site (both places) url to https (not http)

2. Once you change to https in settings change permalinks to something else then switch back to what originally had. This will reset the rules (if you don’t do this it cannot find some pages in your blog.  Sometimes when I make changes internal links in the blog no longer work and I get a “page not found.”  If I just reset the permalinks this fixes things.  

3. Plugin: – Install SSL Insecure Content Fixer and put the setting on “Content.”  Even though most of my pages were secure Google was complaining about some elements on the page being insecure.  Putting this plugin on “content” fixed the problem for me.  

One of the items that caused me some trouble was understanding how I could get the certificate to work with www and non-www versions of the website.  Should I put the www version in the certificate first; should I issue two certificates for both versions and how about in WordPress, should I switch the blog url to a www or non-www version?

Also, what version do the Google links use?  My site has always had www so I thought I should probably keep the www but does Google even care? In the end and after a lot of testing I figured out that for the certificate I only needed the root domain and could use www for the alias.  I kept my blog url in WordPress with the www and everything seems to work.

Another issue is that some pictures wouldn’t show up with the https link with Google saying they were ‘insecure.’  This was fixed either by putting https in the WordPress URL settings and/or by the SSL Insecure Content Fixer.  I think it was by by changing the URL to https in WordPress but the plugin definitely help with all the miscellanea as testing showed.

So I have to say, I am really pleased with myself today.  It is so odd though that I’ve forgotten what the breakthrough was.  When I work on the computer, I put on my headphones and really do go into a trancelike state with multiple thoughts overlapping and the mind is in overdrive.

Anyway, as Ice Cube says, “It was a good day”

And finally, Radagast the Brown’s trance scene.  This is one of my favorite parts of The Hobbit movie.

Author: 魔手

Global Citizen! こんにちは!僕の名前はマットです. Es decir soy Mateo. Aussi, je m'appelle Mathieu. Likes: Languages, Cultures, Computers, History, being Alive! \(^.^)/