Simi's picture


I've just installed Turnkey Linux and I would like to ask you how I can use SSL for Wordpress. I'm getting defaulte Apache webpage instead wordpress website (without ssl wordpress is being loaded). 

I would also like to ask you about redirection from http to https. I need to always encrypt my website.



Jeremy Davis's picture

Hmmm, that's weird. I'll have to double check because that sounds like a bug. When you browse to your site via https, it should display the same as what you get via http, except with a self signed certificate (you'll get a browser warning). Please see the default WordPress appliance Apache config.

Regarding redirection, you have 2 options that come to mind. You can use redirection to explicitly set the server to redirect to https:/ Or you can use rewrite rules to redirect from http to https (regardless of what domain/IP address). Both of these will need to go within the "<VirtualHost *:80>" section of the site conf (i.e. /etc/apache2/sites-available/wordpress.conf).


Redirect permanent / https:/


RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]

Both will require a reload/restart of Apache, the rewrite will also require that the rewrite module is enabled. E.g. for the rewrite:

a2enmod rewrite # not required for redirect
service apache2 restart
Simi's picture

Hi Jeremy!

The config file is the same. I use a self-signed cert but I assume it's not causing an issue. 
I'm getting "Apache2 Debian Default Page".

Can I debug apache somehow?



Jeremy Davis's picture

If your wordpress apache config file matches the default, then Apache should be serving the same thing whether http or https!?

Perhaps another config file is adjusting things? Please give the output of this:

ls -l /etc/apache2/sites-enabled/

That will show all the sites/virtualhosts enabled. IIRC there should only be 2, wordpress.conf and adminer.conf. If you have any others, perhaps try disabling them? E.g.:

a2dissite some-other-site # to disable some-other-site.conf
service apache2 restart

Also if your site is publicly available, please feel free to post a url and I can check it from my end (just to double check).

Also FYI, the /etc directory is saved as a git repo (via etckeeper) so you can view changes that have been made to config files if you think it may have been something you've done accidentally or inadvertently.

Simi's picture

Problem solved! I had problem with my firewall, my apologize. Last question.
I'm trying to install Let's encrypt cert but the wrapper script stops at 34%.


ERROR: Challenge is invalid! (returned: invalid) 

Do I have to do something else?



Jeremy Davis's picture

I assume that you are referring to the Confconsole Let's Encrypt plugin?

If so, my assumption is that you've hit a known bug. FWIW I have fixed that (and made some improvements), but we haven't yet uploaded the new package. In the meantime, there is a workaround posted in this comment (starts with the sentence "The workaround is really simple!").

Sorry that we don't yet have an updated package, but it'll be up really soon hopefully (within the next week or 2).

Simi's picture

Thank you so much Jeremy! You've solved all my problems.

I wish you all the best!



Jeremy Davis's picture

Fantastic! :)

Please do not hesitate to post back if you have further questions, feedback or recommended improvements we might be able to make in he future. Probably best to start a new thread though if it's not directly related to this one.

Good luck with it all moving forward, and hopefully chat with you another day! :)

Add new comment