Figured it out! The function I needed to hook is called “the_content”, because that’s the post content that is pulled directly from the database. I added this code into the functions.php file for my theme. function force_https_the_content($content) { if ( is_ssl() ) { $content = str_replace( ‘src=”http://’, ‘src=”https://’, $content ); } return $content; } add_filter(‘the_content’, … Read more
My solution: openssl req \ -newkey rsa:2048 \ -x509 \ -nodes \ -keyout server.key \ -new \ -out server.crt \ -subj /CN=dev.mycompany.com \ -reqexts SAN \ -extensions SAN \ -config <(cat /System/Library/OpenSSL/openssl.cnf \ <(printf ‘[SAN]\nsubjectAltName=DNS:dev.mycompany.com’)) \ -sha256 \ -days 3650 Status: Works for me
The best way to accomplish this is using three server blocks: one to redirect http to https, one to redirect the https www-name to no-www, and one to actually handle requests. The reason for using extra server blocks instead of ifs is that server selection is performed using a hash table, and is very fast. … Read more
This plugin should handle what you’re requesting. http://wordpress.org/plugins/wordpress-https/
The .crt file is sent to everything that connects; it is public. (chown root:root and chmod 644) To add to the private key location; make sure you secure it properly as well as having it in there. (chown root:ssl-cert and chmod 640)
My best educated guess is to perform a checklist on the following: Take a look at the virtual host configuration files for your domains, if you have access to them. Ensure that they agree with the corresponding WordPress installations on your machine(s). If your Virtual Host configurations are written correctly and as intended, then the … Read more
If you have 5 web servers behind a load balancer (…) do you need SSL certificates for all the servers, It depends. If you do your load balancing on the TCP or IP layer (OSI layer 4/3, a.k.a L4, L3), then yes, all HTTP servers will need to have the SSL certificate installed. If you … Read more
Changed the wordpress address and siteurl in Dashboard > Settings > General
The first issue is your hosting company fault. The underlying library that performs the authentication that you are actually connecting to wordpress.org is probably missing some related configuration to be able to complete correctly the authentication. The solution they gave you is not secure and while I don’t believe anything bad will happen because of … Read more
The SSL admin and login redirection should be done through the FORCE_SSL_ADMIN constant in wp-config.php: define(‘FORCE_SSL_ADMIN’, true); For further information: Administration Over SSL Aditionally, if you want be redirected to http when you’re logged and in the frontend, take a look at: Redirect WordPress front end https URLs to http without a plugin