This is about my most recent experience about switching my blog to HTTPS using a free SSL certificate from letsencrypt and configuring the wordpress configurations, though it took me around a whole day to mess around 😀

• Install SSL certificate from Let’sEncrypt (which is free and should be renewed every 3 months)
  This guide from Certbot https://certbot.eff.org/  has helped me in configuring the certificate within some minutes
  • I have placed a Cron to renew the certificate every 2 months
    10 10 * */2 * root certbot renew –quiet
• Configure HTTPS on nginx 
  • My configuration for the  nginx (/etc/nginx/nginx.conf)
    well I use a proxy passe to apache where all vhost are stored 😀


server {
listen 80 default_server;
server_name test.com www.test.net;
root <documentRoot>;
return 301 https://$host$request_uri; 
...
}
#HTTPS
server {
listen 443 ssl;
server_name test.com www.test.net;
root <documentRoot>;
ssl on;
ssl_certificate /etc/letsencrypt/live/test.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/test.com/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
include /etc/nginx/default.d/*.conf;
location / {
proxy_pass http://x.y.z.w:ffff$request_uri;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
error_page 400 401 402 403 404 @maintenance400;
location @maintenance400 {
if ($uri !~ ^/maintenance_files/) {
rewrite ^(.*)$ /404.html break;
}
}
error_page 500 502 503 504 @maintenance500;
location @maintenance500 {
if ($uri !~ ^/maintenance_files/) {
rewrite ^(.*)$ /503.html break;
}
}


The certificate path will be provided to you on the console while generating using the guide for certbot

• Restart the Nginx service
  • service nginx restart
• Your URL should be accessible via HTTPS :-), however the contents for your wordpress content might be distorted (if its fresh start then it is fine else if you are migrating to HTTPS, you will curse yourself 😀  — redirection loops, distort contents, Insecure elements loading…)
• Configuring Your wordpress to works under HTTPS which passe through proxy
  • Make a dump of your database (to be on safer side) which is being used by wordpress
  • Logon to your WordPress Dashboard
  • Install Plugin “WordPress HTTPS”
  • On HTTPS settings (found on the dashboard itself),
    On general Settings (make sure its like the following)
    • SSL HOST: yourdomain.com
    • checked FORCE SSL ADMINISTRATION
    • Checked Remove Unsecured Elements
    • Proxy – click on “Yes”
    • Click on save Changes
• 
  • Go to General Settings,
    on wordress Address URL – change it to https://yourdomain.com
    On Site Adress URL – change it to https://yourdomain.com
  • Go to your Document Root and add the following configurations to your wp-config.php file

$DOCUMENT_ROOT/wp-config.php

define('FORCE_SSL_ADMIN', true);
// in some setups HTTP_X_FORWARDED_PROTO might contain
// a comma-separated list e.g. http,https
// so check for https existence
if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
$_SERVER['HTTPS']='on';


Try to refresh your Website, it should be redirected to https 😀

In case you have some insecure elements, test your website on https://www.whynopadlock.com/

and follow the guide https://givewp.com/documentation/resources/how-to-use-ssl-and-https-for-your-wordpress-website/

Reference:

• https://certbot.eff.org/
• https://www.digitalocean.com/community/tutorials/how-to-configure-nginx-as-a-web-server-and-reverse-proxy-for-apache-on-one-ubuntu-14-04-droplet
• https://givewp.com/documentation/resources/how-to-use-ssl-and-https-for-your-wordpress-website/
• http://www.wpbeginner.com/wp-tutorials/how-to-add-ssl-and-https-in-wordpress/