With all of the issues around web security, there's a pretty easy solution using EFF's certbot and LetsEncrypt.org. I use an Nginx proxy in front of everything, so all of the encryption terminates there. So using certbot with webroot was pretty easy and then it was just a matter of adjusting the Nginx config.
In each site that I migrated to SSL, here's an example of what the final config looks like. This works for both Joomla! and Wordpress sites behind Nginx. Nginx listens on http/80 and redirects to https/443.
server {
listen 80;
server_name site_name.come www.site_name.com;
return 301 https://$host$request_uri; }
server { listen 443 ssl; server_name site_name.com www.site_name.com; ssl_certificate /etc/letsencrypt/live/your_site/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/your_site/privkey.pem; ssl on;
location / { proxy_set_header Host $host; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://172.17.0.1:8082; proxy_redirect http:// https://; }