WP Encrypt error on GC bitnami Wordpress MU

Bitnami VM Wordpress MU (Installed and launched through Google Cloud Console)

I am trying to Register Account through Wordpress Dashboard > WP Encrpt for a Lets Encrypt SSL Certificate.

I have recived the following permissions error

“Could not create directory /opt/bitnami/apps/wordpress/letsencrypt/live/account for private key. Please check your file system permissions.”

  1. How am I to change the permissions and what/who (which user) should they be changed.
    Should i just add my wordpress user to the daemon group?
  2. Should these levels of permssions access shown in the /opt/bitnami/apps/wordpress/ (as setup by the default bitnami isntal) even be used in a Wordpress Multiste environment?

to?

I have resolved my issue.

I did a search of the current users on the web server (obviously bitnami, daemon, and are in this list.

I then searched the groups that these users belong to and found that the user belongs to a group called bitnami_admins.

I added to the bitnami_admins group and also to the daemon group

i am not sure about being a member of the daemon group, perhaps i should remove myself from it?

Anyway, this sorted my problem…Wordpress now is able to access the required directory reqested by the WP Encrypt plugin during its registration process.

Hi @adamjedgar,

It seems you had a permissions issue, could you please share with us the permissions of that folder?

ls -la /opt/bitnami/apps/wordpress/letsencrypt/live/

As this guides says, you need to create the letsencrypt/live folder and set the permissions

sudo mkdir -p /opt/bitnami/apps/wordpress/letsencrypt/live 
sudo chown -R bitnami:daemon /opt/bitnami/apps/wordpress/letsencrypt
sudo find /opt/bitnami/apps/wordpress/letsencrypt -type d -exec chmod 0775 {} \;
sudo find /opt/bitnami/apps/wordpress/letsencrypt -type f -exec chmod 0664 {} \;

https://docs.bitnami.com/virtual-machine/apps/wordpress-multisite/#how-to-install-the-wp-encrypt-plugin-for-lets-encrypt-certificate-generation

The bitnami-admins group is a group that allows the bitnami user to run sudo commands. If you add daemon to that group, daemon will be able to run sudo commands that is insecure so please remove that user of that group and follow the documentation that I shared with you above.

Regards,
Jota

Sorry Jota,
i made a typo in last message…

i did not add bitnami to daemon group nor did i add daemon to the bitnami_admins group.

I added my user to both.

I think i may have queried my having added my user to the daemon group?

I am a little confused by the adding of bitnami as the owner of the letsencrypt directory.

The wordpress user is not bitnami. The wordpress user needs to be able to read and write to that directory in order for wp encrypt to register does it not?

Hi,

You have different users in the instance:

  • bitnami: it’s the default user that bitnami includes in the instances and it has permissions to read and write in the different folders of the installation
  • daemon: The user that the web server uses to work
  • your_user: it’s a user that Google includes in the instance.

You can access the instance using your_user or bitnami and as bitnami has permissions to write in the different folders I suggest you use it instead of adding your user to the admin group.

https://docs.bitnami.com/google/faq/#connecting-with-an-ssh-client

Regards,
Jota

I don’t know if this matter was ever resolved, but here’s the solution I found. Check out my post here.