Digital certificates

I can't set up an ssl certificate on the site correctly?

Купила ссл сертификат, сайт стоит на удаленном VPS на Ubuntu 16. Залила сертификат в /etc/ssl, в итоге главная страница работает, а ссылки не работают вообще, выходит 404 ошибка, страницы даже через меню не открываются. Перерыла весь интернет, всяко разно меняла .htaccess


RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END WordPress
и так

RewriteEngine On
RewriteCond %{HTTPS} =off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [QSA,L]
и так

RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
и так

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
все безрезультатно.

Сайт работает на worpress при попытке добавить новую запись выходит ошибка: Ошибка публикации. Ответ не является допустимым ответом JSON. Все ссылки изменены на https как в БД так и home и site url через общие настройки. Меняла настройки apache прописывала отдельно 443 порт в конфиге: '''


# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.mydomain.ru
ServerAdmin [email protected]
DocumentRoot /var/www/mysite.ru/public_html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/mysite.ru-error.log
CustomLog ${APACHE_LOG_DIR}/mysite.ru-access.log combined

# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
SSLEngine on
SSLCertificateFile /etc/ssl/certs/mysite.ru.crt
SSLCertificateChainFile /etc/ssl/certs/mysite.ru.crt
SSLCertificateKeyFile /etc/ssl/private/mysite.ru.key




# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName mysite.ru
ServerAlias www.mysite.ru

ServerAdmin [email protected]
DocumentRoot /var/www/mysite.ru/public_html

# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn

ErrorLog ${APACHE_LOG_DIR}/mysite.ru-error.log
CustomLog ${APACHE_LOG_DIR}/mysite.ru-access.log combined

# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
ProxyPassMatch ^/(.*\.php(/.*)?)$ unix:/run/php/php7.1-fpm.sock|fcgi://localhost/var...

Header always append X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
Header set X-XSS-Protection "1; mode=block"

'''
Подскажите пожалуйста что я делаю не так? И куда надо копать?