Author: Mark
WP Config fix needed
In some cases, your wp-config.php will require some adjustments before the site works correctly over SSL. This usually happens when your site is behind a loadbalancer, or if your wp-config.php contains a hardcoded http:// URL in the WP_HOME or WP_SITEURL constant. Really Simple Security will fix this automatically in most cases, but fails if the wp-config.php file is not writable. To automatically fix this issue, make your wp-config.php file writable. Alternatively, you can do the following to manually fix this issue:
Renewing a Really Simple SSL Let’s Encrypt SSL certificate
Really Simple SSL will let you know when your Let’s Encrypt certificate generated by Really Simple SSL is about to expire. Two weeks before the expiration date, you will see one of the following notices in your SSL settings dashboard: The SSL certificate has been renewed and requires manual installation in your hosting dashboard When the plugin has renewed the certificate but hasn’t been able to install the renewed certificate automatically, you will see the following notice: If you see
OCSP Stapling
OCSP Stapling OCSP stands for Online Certificate Status Protocol. It is a tool to check the certificate status in real-time. When a user visits your site, an OCSP request is generally made to the Certificate Authority that issued the SSL certificate. This is done to verify the SSL certificate hasn’t been revoked. Since this check is done in real-time it can create a short delay. This is where OCSP stapling comes in. In short, OCSP stapling saves the results of
MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING
MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING This is an uncommon error which can occur when there’s an issue with OCSP stapling on your webserver. It happens when OCSP stapling is required, but not available. We recommend to contact your hosting provider about this issue, they will be able to enable OCSP stapling which will fix the issue. The other reason this error can occur is if you are behind a proxy. If that is the case, you can try the following to access the site:
Protect SSL generation directories
Protect SSL generation directories this warning occurs when your SSL certificate files aren’t protected. This happens when Really Simple SSL has created an ssl/certs and ssl/keys directory in your websites root folder. The public certificate (*.crt) being available is not an issue, it’s the private key (*.key) file that needs to be protected. To fix this issue, you can modify the file permissions to 644 for the .crt file and 600 for the .key file. You might have to ask your hosting provider