SSL invalid on Lightsail Bitnami Wordpress Multisites after new instance made from snapshot
We'll likely need to upgrade a Lightsail Bitnami WordPress Multisite instance in the future, so I'm testing doing it.
After I take a snapshot and then create a new, lager instance from it, then switch the static IP over to it, then the sites fail to load due to:
Your connection is not private
Attackers might be trying to steal your information from (etc..)
NET::ERR_CERT_AUTHORITY_INVALID
Subject: www.example.com
Issuer: www.example.com
Expires on: 7 Nov 2030
Current date: 18 Nov 2020
PEM encoded chain:
-----BEGIN CERTIFICATE-----
(cert details etc...)
Note the www.example.com and expiry date in 2030.
Do the SSL certificates (made with The Bitnami HTTPS Configuration Tool) only work on the original instance, even if the new instance are an exact copy? I'm guessing they do.
Is the only solution to create new certificates on the new instance using the same Bitnami tool?
Thanks
Solution 1:
Bitnami Engineer here
Do the SSL certificates (made with The Bitnami HTTPS Configuration Tool) only work on the original instance, even if the new instance are an exact copy? I'm guessing they do.
Yes, the SSL configuration is also copied to the new instance as you created a snapshot from the first instance. You can confirm this by checking the SSL certificates Apache is using
sudo cat /opt/bitnami/apache2/conf/bitnami/bitnami.conf | grep SSLCertificate
Note: If you created a custom virtual host, you will need to use that file instead of the bitnami.conf file For example
sudo cat /opt/bitnami/apps/wordpress/conf/httpd-vhosts.conf | grep SSLCertificate
Those certificates must be the ones the Bitnami HTTPS configuration tool generated and they should exist in the instance
sudo ls -la /path/to/the/certificate