Difficulty: Beginner
Estimated Time: 10 minutes

Welcome to Bitnami's Apache SSL troubleshooting guide!

In this guide, you will learn, step by step, how to troubleshoot SSL issues with your Apache server configuration and how to create redirections.

This guide uses a Bitnami WordPress image launched on a cloud instance to illustrate the process of configuring and troubleshooting SSL certificates. The same steps apply to other Bitnami images too. Check the Bitnami application catalog to quickly find and deploy any Bitnami application on the cloud.

Assumptions and prerequisites

  • You have the public IP address of your instance.
  • You have the necessary SSH key pair to log in to your instance.
  • You have configured your domain's DNS settings such that your domain name, with and without the www prefix, points to the public IP address of your instance.

We want to hear your feedback so we can keep improving our content. Please fill this quick survey and let us know your thoughts.

You can also visit our Community site and ask any questions you may have about SSL configuration on Bitnami stacks.

Don’t stop now! The next scenario will only take about 10 minutes to complete.

Enable HTTPS support in Apache

Step 1 of 6

Check the current SSL configuration

Begin by checking the status of the server and the current SSL configuration.

  1. Check that all services are running:

    sudo /opt/bitnami/ctlscript.sh status

    At this point, all services should be running. Confirm this by clicking the "Web site" tab in the interactive editor on the right. This should launch a new browser window that displays the WordPress index page.

  2. Check the preconfigured SSL certificate:

    curl https://localhost

    The Bitnami WordPress image is configured with a self-signed certificate by default. Therefore, the user's browser will throw an error every time he or she visits the Bitnami WordPress website using an HTTPS URL. This error is visible in the Apache error log file:

    tail /opt/bitnami/apache2/logs/error_log

    You will see that the error arises because the server certificate does NOT match the server name.

  3. Check the main Apache file where the SSL certificates are configured. You can use your preferred editor. This example uses nano.

    sudo apt-get install nano

    sudo nano /opt/bitnami/apache2/conf/bitnami/bitnami.conf

    You will see that the default SSL port is set to 443 and the default options have been applied for the virtual Host. The most important parameters in the SSL configuration are the locations of the SSLCertificateFile and the SSLCertificateKeyFile.

    SSLCertificateFile "/opt/bitnami/apache2/conf/server.crt" SSLCertificateKeyFile "/opt/bitnami/apache2/conf/server.key"

In the next steps, you will override the preconfigured SSL certificate with a new self-signed SSL certificate or a new Let's Encrypt SSL certificate generated specifically for your domain.