To get HTTPS on your site, you need to follow two steps. First, you need to set up your SSL certificate. If you're using Bitnami, it's very straightforward. As per their documentation, you just need to run their HTTPS Configuration Tool:
Execute the following command and follow the prompts:
sudo /opt/bitnami/bncert-tool
But going through this process only got me halfway there. I noticed that some .js calls were being made over HTTP, which caused CORS issues and generally stopped the membership features from working correctly. I tried setting up Apache Force HTTPS as per Bitnami's documentation and it didn't help.
The solution was the following, as per https://community.bitnami.com/t/how-to-get-https-working-80-redirect-loop-issues-resolved-ghost-gcp/55867/3:
There are two issues after setting up your SSL certificate. You'll notice your nav links have :80 appended to the end, and of course lack the S in https.
First part - Fix Ghost URL
Stop Ghost & open the Ghost config file:
sudo /opt/bitnami/ctlscript.sh stop
sudo vim /opt/bitnami/apps/ghost/htdocs/config.production.json
Edit the URL part to include the s
after http
. Remove the :80
. Then, Enable Apache's protocol proxy pass.
sudo vim /opt/bitnami/apps/ghost/conf/httpd-app.conf
Add this to the top of the file:
RequestHeader set X-Forwarded-Proto "https"
Restart Ghost.
sudo /opt/bitnami/ctlscript.sh start
... and you're set.
Thanks for reading
Was this useful? Interesting? Have something to add? Let me know.
Seriously, I love getting email and hearing from readers. Shoot me a note at hi@romandesign.co and I promise I'll respond.
You can also sign up for email or RSS updates when there's a new post.
Thanks,
Roman