I'm migrating a bitnami wordpress site from AWS lightsail to GCP.
The AWS's setup includes a purchased wildcard SSL. When I set up the loadbalancer in GCP, I opt for Google's SSL instead.
I got this error Error code: SSL_ERROR_NO_CYPHER_OVERLAP when I access from the loadbalancer's IP. The VM is working fine and I am able to access it with it's own external IP.
The domain is still pointing to AWS's server. I wonder if the error is because I have not pointed the domain to the load balancer's IP?
I'm hoping to gain some clarity first before I update the domain's IP. I want to avoid situation where it does not work after I make the switch.
Thanks
Related
Forgive me here, I am largely post-technical for 10+ years and taken this as far as I can. I can probably take any advice and run with it, but may ask for some specifics to help if troubleshooting tools or commands are required. So please forgive that too.
Background:
Yesterday we could hit site URL after restarting VM hosted on Google Cloud. Sometime overnight, the URL was inaccessible.
Message:
This site can’t be reached <URL> refused to connect.
Try:
Checking the connection
Checking the proxy and the firewall
ERR_CONNECTION_REFUSED
Troubleshooting:
can load using IP.
The technical guys (3rd party suppliers) insist they have not made any changes. My team have not made any changes.
The domain is still valid (it renews tomorrow)
The domain is used for the DEV environment with DEV as a prefix hosted on another VM.
Looking at firewall rules, all the rules with the proper tags appear to be set up correctly for HTTPS with appropriate IP (0.0.0.0) and port 80.
Many thanks in advance for your help. When I find the answer, I will post it here.
RESOLVED:
ROOT CAUSE:
During setup on GCP, the team forgot to link the reserved external IP address to the VM. As such, the external IP address was ephemeral so after a reboot of the server, Google issued a new external IP for the VM.
SOLUTION:
Reserve a static external IP Address and link it to the VM or promote an existing ephemeral external IP Address.
https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address
Currently, I am working on a Wordpress application and I am using AWS hosting. My domain is in GoDaddy.com and I have deployed the application in elastic beanstalk. I have created load balancer and also I need to run the application through HTTPS.
I have done my research and I think I found the right way, but it's not working for HTTPS. when I browse on HTTP on port 80, it runs well. Now I am helpless.
Here's what I have done so far:
1) I created a hosted zone on AWS Route 53 for the domain named "example.com". There are two records are created, NS and SOA.
2) Then, in GoDaddy, I added NS records from AWS as Custom Nameservers.
3) After that, I created A record for the domain in the AWS hosted zone, set ALIAS targeted to the Load Balancer of the Elastic Beanstalk environment.
4) Then, I changed the SITE URL from the wp_options table the wordpress application database.
After doing up to this, my application was running in HTTP. But as I want to change it to HTTPS. So,
1) I requested a certificate from AWS Certificate Manager and created CNAME (provided by ACM after requesting certificate) record in the hosted zone.
2) After the certificate is issued, I edited the listener from EC2 >> Load Balancer >> Listener and changed the protocol from HTTP to HTTPS and also allowed port on Security groups.
3) Also, I changed, the SITE URL from WordPress database and changed it from "http://example.com" to "https://example.com" but it was not working.
4) So I went to Elastic Beanstalk >> Configuration >> Load Balancer and added listener. After the environment is saved and restarted, still, the site was not running on HTTPS [ HTTP 408 ERROR IS SHOWN ]. But if I change SITE URL to "http://example.com", it works
I have found a solution, which says to use RedirectURL and set it to server config but I don't want to do that.
I also found this solution which suggest to Export Zone File and import it to AWS hosted zone. But whenever I click Export Zone File(Unix), the file downloaded is shown empty. I tried this for other accounts, still, this problem exists. So I did not do that.
Sorry for the long story, but I really need this help.
I have solved the issue.
In my load balancer port configuration, I previously set load Balancer port 443 and instance 443. here what I need to do is to call the load balancer on port 443 and backend make the backend call on port 80 and enable https on WordPress.
So I kept load balancer port 443 and changed the instance port to 80. After that, on the browser, there was too many redirects error shown. So then what I needed to do is that add $_SERVER['HTTPS'] = 'on' on wp-config. And then everything was running smoothly.
I hope this will help if some
The website domain is www.myhomeetal.com. I tried to view the logs via SSH on the server, this is what I got.
Got error 'PHP message: PHP Warning: Invalid argument supplied for foreach() in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/revo/lib/widgets.php on line 714\n'
and this
Certificate and private key localhost:443:0 from /opt/bitnami/apache2/conf/server.crt and /opt/bitnami/apache2/conf/server.key do not match
AH00016: Configuration Failed
I attempted installing an SSL certificate when I noticed the site was offline. Could that have caused the whole site to be offline.
Hi Bitnami Engineer here,
It seems that Apache is running properly now but the DNS is not properly configured. As you can see in this online tool, the ec2 and www.myhomeetal.com are set properly to the machine's IP but the myhomeetal.com domain is not
https://www.whatsmydns.net/#A/ec2-18-191-15-113.us-east-2.compute.amazonaws.com
https://www.whatsmydns.net/#A/www.myhomeetal.com
https://www.whatsmydns.net/#A/myhomeetal.com
You just need to configure myhomeetal.com to point to the machine's IP
Happy to help!
I'm trying to set up SSL on my wordpress site.
I've an EC2 instance running wordpress on nginx and ubuntu. Database running on RDS.
I've launched an application load balancer with listeners on ports 80 and 443 and attached the SSL certificate which I got via ACM. I've set my targets to point to the EC2 instance I am using.
At this point the how-to guides and information stops. Apparently that's all there is to it and it should now all be working. However it's not. I'm getting connection refused errors when I add the https to my site's URL.
When I put my URL into https://www.sslchecker.com/sslchecker I'm told that no certificates are found.
So clearly I need to something more to get this working - can anyone point me to the next step?
Using the ELB and ACB is the way to go here. It sounds like you might be using the wrong type of ELB though. You mentioned application load balancer, you should use a classic load balancer. Also make sure your security groups are setup correctly to allow your ELB to talk to the EC2 instance.
You didn't mention Route53 but I assume you have the DNS entry setup to point at the ELB as well.
Share more and I will help more. Good luck.
Right now I have a domain ex: foobar.com hosted on Bluehost.
I created an instance on AWS and fortunately, I used (wordpress by bitnami) to migrate my foobar.com to the aws site.
I created an elastic ip and associated it with my instance.
This is where I am stuck. I've read tons of tutorials telling me to go into my Bluehost and add a DNS record which I haved.
My first attempt was to do a URL redirect on foobar.com, which worked but only for the homepage because when I would navigate to another page, it would display the elastic ip (ex: 53.13.153.12/about).
I am unsure how to go about this problem.
Setup an A Record, not a URL redirect. You'll need to then configure the vhost on your server to understand that domain (I think you may have already done this step).
Bluehost has some documentation here