The WordPress healthcheck was complaining about REST API and curl error 7. I narrowed it down to a SSL problem based on the error msgs complaining about no response on port 443. Weird as I didn’t have this problem yesterday.
Despite setting up my DNS with cloudflare and having traffic proxied under their SSL tunnel, it is not a true SSL connection. I figured this out when I “curl https://localhost” or “curl https://adrianng.com” and it said connection refused. (The cloudflare proxy only encrypts the traffic between the client’s browser and cloudflare’s server. The traffic between cloudflare and my web server was still unencrypted.)
I ended up using cerbot / letsencrypt to install a SSL certificate on this web server:
sudo snap install core; sudo snap refresh core
sudo snap install –classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo certbot –apache
This successfully setup a certificate on the server and the site was SSL enabled. “curl https://adrianng.com” proved this as now I get a proper response. However on the web browser, I was getting too many redirects.
To fix this, I went into my cloudflare dashboard, SSL/TLS and found this screen:
Changing it from Flexible to Full (or even Full strict) made it work again.