Control Web Panel
WebPanel => CentOS 7 Problems => Topic started by: joaomach on March 27, 2017, 08:44:40 PM
-
I am adding this question here since this seems to be a CWP7 specific issue, this was originally posted here: http://forum.centos-webpanel.com/ssl/can't-install-let's-encrypt-ssl-on-admin-for-cwp7-need-assistance/ (http://forum.centos-webpanel.com/ssl/can't-install-let's-encrypt-ssl-on-admin-for-cwp7-need-assistance/)
've been attempting to install a Let's Encrypt certificate for the admin panel for CWP7 and here's the steps I've followed:
First I attempted to follow this guide:
http://wiki.centos-webpanel.com/hostname-ssl-with-letsencrypt
(Including the YouTube video)
It appears that a few file names might be wrong, because the video wants the file /usr/local/apache/conf.d/vhosts-hostname.conf edited, but in the Video, it's showing the edit of /usr/local/apache/conf.d/vhosts.conf through the admin page.
So as a test I setup my admin virtual host through the admin page (i.e. vhosts.conf) per the video with proper host.hostname.com entries/IP and then I installed the Let's Encrypt Cert, followed by checking my admin panel server page for SSL and that appeared functional on port 443. The next stage was to add the ability to use the cert on port 2031.
The guide indicates to make changes to: /usr/local/cwpsrv/conf.d/cwp-ssl.conf
The file cwp-ssl.conf didn't exist, so I created the file with the proper entries and then attempted to restart CWP, that lead this error:
Redirecting to /bin/systemctl restart cwpsrv.service
Job for cwpsrv.service failed because the control process exited with error code. See "systemctl status cwpsrv.service" and "journalctl -xe" for details.
After searching, making adjustments based on other attempts discovered online and so forth, it appeared this wasn't going work and then I noticed ALL the guides and videos I've been reading/viewing were related to CWP (v6) and not CWP7 - does anyone have a guide and/or advice on setting up the admin page (port 2031) using the Let's Encrypt certs.
FWIW, it seems that any changes made to cwp-ssl.conf lead to a restart error.
Has anyone
-
make changes to cwpsrv.conf only don't create cwp-ssl.conf manually
-
make changes to cwpsrv.conf only don't create cwp-ssl.conf manually
Hello Sandeep, so I looked at the file, tried adding the entries as in the tutorial, but it still gives the error...
Here is the SSL section of the file, where do I insert that information?
server {
listen 2031;
listen 2087;
listen 2083;
server_name localhost;
ssl on;
ssl_session_timeout 90m;
ssl_certificate /etc/pki/tls/certs/hostname.crt;
ssl_certificate_key /etc/pki/tls/private/hostname.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root /usr/local/cwpsrv/htdocs/admin;
index index.html index.htm index.php;
ModSecurityEnabled off;
ModSecurityConfig /usr/local/cwpsrv/conf/security/conf/global_rules.conf;
# Includes
include /usr/local/cwpsrv/conf/cwp_rewrite.conf;
include /usr/local/cwpsrv/conf/cwp_services.conf;
include /usr/local/cwpsrv/conf/include/*.conf;
include /usr/local/cwpsrv/conf/cwp_panels.conf;
location ~ \.php$ {
try_files $uri =404;
root /usr/local/cwpsrv/htdocs/admin;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_read_timeout 600;
fastcgi_pass unix:/usr/local/cwp/php71/var/sockets/cwpsrv.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
include fastcgi_params;
}
}
}
include /usr/local/cwpsrv/conf.d/*.conf;
}