How to Run WordPress 5 on Docker With HTTPS

Image for post
Image for post

Hi everybody, how have you been?

Today’s post is the continuation of the previous one, A WordPress Setup With Docker, PHP 7.4, Apache 2.4 and MySQL 8 on Ubuntu 20.04 LTS, where we looked at a step-by-step approach to setting up a WordPress 5 site locally.

It turns out to be the case that nowadays most professional web sites use HTTPS in order to protect users’ connections over the Internet, as well as to look SEO friendly to Google’s eyes, and WordPress is no exception.

In fact, well, if you’re a WordPress developer, as a rule of thumb you should always be using SSL certificates on your sites.

Remember, this is especially important when it comes to logging into WP admin panel since you don’t want passwords to be sent without any encryption whatsoever— and thus potentially sniffed by hackers.

Also it is highly recommended to install a security plugin such as iThemes Security (formerly Better WP Security) which will help you secure your site easily and get the most from your SSL certificate.

Let’s mimic that fancy cool live WordPress site you’re working on without any further ado.

On this occasion clone this GitHub repo, which comes with a Docker set up enabling HTTPS on Apache, and basically, make sure to run the start.sh script before building the Docker containers — the rest of the process is almost the same as without HTTPS.

$ bash/dev/start.sh 
This will bootstrap the development environment. Are you sure to continue? (y|n) y
Generating RSA private key, 2048 bit long modulus (2 primes)
.........................................................................................+++++
..............................................................................................+++++
e is 65537 (0x010001)
Signature ok
subject=C = US, ST = CA, O = "wpdocker, Inc.", CN = wpdocker.local
Getting Private key
writing RSA key

The start.sh script automatically creates a self-signed SSL certificate for development purposes in the form of a bunch of files indocker/apache2/conf/ssl.

$ cd docker/apache2/conf/ssl
$ ls -la
total 64
drwxrwxr-x 2 standard standard 4096 Nov 17 13:03 .
drwxrwxr-x 4 standard standard 4096 Nov 17 12:36 ..
-rw-rw-r-- 1 standard standard 0 Nov 17 13:03 .gitkeep
-rw-rw-r-- 1 standard standard 1143 Nov 17 16:52 wpdocker.local.crt
-rw-rw-r-- 1 standard standard 1054 Nov 17 16:52 wpdocker.local.csr
-rw------- 1 standard standard 1675 Nov 17 16:52 wpdocker.local.key
-rw------- 1 standard standard 1743 Nov 17 16:52 wpdocker.local.pem

If you look at the code of the script, as you can see you’ll need OpenSSL installed to run it.

This is how the SSL certificate files are actually created:

openssl genrsa -des3 -passout pass:foobar -out wpdocker.local.pem 2048openssl req -passin pass:foobar -new -sha256 -key wpdocker.local.pem -subj "/C=US/ST=CA/O=wpdocker, Inc./CN=wpdocker.local" -reqexts SAN -config <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=DNS:wpdocker.local,DNS:www.wpdocker.local")) -out wpdocker.local.csropenssl x509 -passin pass:foobar -req -days 365 -in wpdocker.local.csr -signkey wpdocker.local.pem -out wpdocker.local.crtopenssl rsa -passin pass:foobar -in wpdocker.local.pem -out wpdocker.local.key

In a nutshell, the idea is the more your Dockerized WordPress site is mimicking its live counterpart, the better — if HTTPS is enabled it’s a good thing to run the website locally with a self-signed SSL certificate too.

You may also be interested in…

Written by

Hi there! How are you today? I blog about technology, the Internet, SEO, programming tips, PHP and more. programarivm.com

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store