Control Web Panel

WebPanel => How to => Topic started by: jamshed_206 on May 05, 2019, 09:03:16 AM

Title: [Tutorial] How to install SSL on hostname?
Post by: jamshed_206 on May 05, 2019, 09:03:16 AM
Hello,

I could see that a lot of users are asking "How to install SSL on hostname" and I found a few tutorials some of which are working and others do not. Also, the tutorials which are working are lenghty and not for linux newbie.

So, I will teach you here how to install and configure Letsencrypt Free SSL on hostname in CWP in simple 3 steps.

1 - Check that you should have an A record for the hostname. For example if your server hostname is cp.hostinpk.com, then you should have an A record for "cp" pointing to server IP

2 - Login to CWP Admin Panel>> Server Settings>>Change Hostname and then hit "Change Hostname" button after putting your desired hostname (in my case cp.hostinpk.com). This will only generate a valid LE SSL for your hostname when an A record is present against hostname

3 - Perform following command from shell
Code: [Select]
service cwpsrv reload
THAT's IT. Enjoy the green padlock while accessing the CWP services (admin panel, user panel, webmail, etc..)
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: Dragan on May 06, 2019, 03:39:13 PM
This is my error.

AutoSSL: Issue Failed![Mon May  6 17:35:28 CEST 2019] Single domain='panel.betahostserver.com'
[Mon May  6 17:35:28 CEST 2019] Getting domain auth token for each domain
[Mon May  6 17:35:30 CEST 2019] Getting webroot for domain='panel.betahostserver.com'
[Mon May  6 17:35:30 CEST 2019] Verifying: panel.betahostserver.com
[Mon May  6 17:35:33 CEST 2019] Pending
[Mon May  6 17:35:36 CEST 2019] Pending
[Mon May  6 17:35:38 CEST 2019] Pending
[Mon May  6 17:35:40 CEST 2019] Pending
[Mon May  6 17:35:43 CEST 2019] Pending
[Mon May  6 17:35:46 CEST 2019] Pending
[Mon May  6 17:35:48 CEST 2019] Pending
[Mon May  6 17:35:51 CEST 2019] Pending
[Mon May  6 17:35:53 CEST 2019] panel.betahostserver.com:Verify error:DNS problem: SERVFAIL looking up CAA for betahostserver.com
[Mon May  6 17:35:53 CEST 2019] Please check log file for more details: /root/.acme.sh/acme.sh.log

In /root/.acme.sh/acme.sh.log  is

[Mon May  6 17:35:53 CEST 2019] skip dns.
[Mon May  6 17:35:53 CEST 2019] _on_issue_err
[Mon May  6 17:35:53 CEST 2019] Please check log file for more details: /root/.acme.sh/acme.sh.log
[Mon May  6 17:35:53 CEST 2019] url='https://acme-v02.api.letsencrypt.org/acme/challenge/SPH1oHvs_uQwKax9uN8DP4yoENli0itQYdwVG5LcuQE/15557108187'
[Mon May  6 17:35:53 CEST 2019] payload='{}'
[Mon May  6 17:35:53 CEST 2019] POST
[Mon May  6 17:35:53 CEST 2019] _post_url='https://acme-v02.api.letsencrypt.org/acme/challenge/SPH1oHvs_uQwKax9uN8DP4yoENli0itQYdwVG5LcuQE/15557108187'
[Mon May  6 17:35:53 CEST 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon May  6 17:35:54 CEST 2019] _ret='0'
[Mon May  6 17:35:54 CEST 2019] code='400'

Title: Re: [Tutorial] How to install SSL on hostname?
Post by: jamshed_206 on May 07, 2019, 11:09:16 AM
It seems that you have not A record for panel.betahostserver.com.

So, kindly go to DNS manager and add an A record for panel with server IP.
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: Guax on May 13, 2019, 10:01:35 AM
Excellent tutorial jamshed_206, thank you very much, I have had problems lately with this topic and now I have it much clearer. ;)
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: jamshed_206 on May 13, 2019, 10:44:03 AM
Excellent tutorial jamshed_206, thank you very much, I have had problems lately with this topic and now I have it much clearer. ;)

I am happy to see you happy. Enjoy the CWP and if you have any issue, contact me.
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: rhunyady on May 25, 2019, 09:15:53 PM
Followed the tutorial and still no green padlock!
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: jamshed_206 on May 27, 2019, 01:22:36 AM
Followed the tutorial and still no green padlock!

Can you send me your hostname.
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: imtom on May 30, 2019, 03:27:02 PM
I followed these instructions and without success, I went and obtained a Comodo SSL Certificate but cannot even add that to the server.


[root@hostsrv ~]# service cwpsrv reload
Redirecting to /bin/systemctl reload cwpsrv.service
[root@hostsrv ~]#

No errors

But when I go tot he site the browser keeps saying : 
This site is not secure

And in Opera I can't even override it as I can with MS Explorer

Any suggestions?
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: jamshed_206 on May 30, 2019, 04:02:53 PM
I followed these instructions and without success, I went and obtained a Comodo SSL Certificate but cannot even add that to the server.


[root@hostsrv ~]# service cwpsrv reload
Redirecting to /bin/systemctl reload cwpsrv.service
[root@hostsrv ~]#

No errors

But when I go tot he site the browser keeps saying : 
This site is not secure

And in Opera I can't even override it as I can with MS Explorer

Any suggestions?


Kindly confirm that you have an A record for the hostname?
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: rhunyady on May 30, 2019, 07:19:24 PM
Followed the tutorial and still no green padlock!

Can you send me your hostname.

ctrl.xfxtechserv.com

I do have an A record set for it too
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: imtom on May 30, 2019, 08:41:00 PM
it has both the A and the rDNS on the IP for the MX to work properly and if I try to put in my comodo ssl it says I created too many for the week , via the panel
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: Jason on June 15, 2019, 12:07:21 AM
Hello,

I could see that a lot of users are asking "How to install SSL on hostname" and I found a few tutorials some of which are working and others do not. Also, the tutorials which are working are lenghty and not for linux newbie.

So, I will teach you here how to install and configure Letsencrypt Free SSL on hostname in CWP in simple 3 steps.

1 - Check that you should have an A record for the hostname. For example if your server hostname is cp.hostinpk.com, then you should have an A record for "cp" pointing to server IP

2 - Login to CWP Admin Panel>> Server Settings>>Change Hostname and then hit "Change Hostname" button after putting your desired hostname (in my case cp.hostinpk.com). This will only generate a valid LE SSL for your hostname when an A record is present against hostname

3 - Perform following command from shell
Code: [Select]
service cwpsrv reload
THAT's IT. Enjoy the green padlock while accessing the CWP services (admin panel, user panel, webmail, etc..)

Thank You works like a charm :)
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: evansa on June 15, 2019, 08:40:59 PM
Followed the tutorial and still no green padlock!

Can you send me your hostname.

ctrl.xfxtechserv.com resolves to 24.154.72.145. Is this the IP of your cwp server?

I do have an A record set for it too
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: evansa on June 15, 2019, 08:41:25 PM
ctrl.xfxtechserv.com resolves to 24.154.72.145. Is this the IP of your cwp server?
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: glorency on June 18, 2019, 10:21:52 AM
This is my error.

AutoSSL: Issue Failed![Mon May  6 17:35:28 CEST 2019] Single domain='panel.betahostserver.com'
[Mon May  6 17:35:28 CEST 2019] Getting domain auth token for each domain
[Mon May  6 17:35:30 CEST 2019] Getting webroot for domain='panel.betahostserver.com'
[Mon May  6 17:35:30 CEST 2019] Verifying: panel.betahostserver.com
[Mon May  6 17:35:33 CEST 2019] Pending
[Mon May  6 17:35:36 CEST 2019] Pending
[Mon May  6 17:35:38 CEST 2019] Pending
[Mon May  6 17:35:40 CEST 2019] Pending
[Mon May  6 17:35:43 CEST 2019] Pending
[Mon May  6 17:35:46 CEST 2019] Pending
[Mon May  6 17:35:48 CEST 2019] Pending
[Mon May  6 17:35:51 CEST 2019] Pending
[Mon May  6 17:35:53 CEST 2019] panel.betahostserver.com:Verify error:DNS problem: SERVFAIL looking up CAA for betahostserver.com
[Mon May  6 17:35:53 CEST 2019] Please check log file for more details: /root/.acme.sh/acme.sh.log

In /root/.acme.sh/acme.sh.log  is

[Mon May  6 17:35:53 CEST 2019] skip dns.
[Mon May  6 17:35:53 CEST 2019] _on_issue_err
[Mon May  6 17:35:53 CEST 2019] Please check log file for more details: /root/.acme.sh/acme.sh.log
[Mon May  6 17:35:53 CEST 2019] url='https://acme-v02.api.letsencrypt.org/acme/challenge/SPH1oHvs_uQwKax9uN8DP4yoENli0itQYdwVG5LcuQE/15557108187'
[Mon May  6 17:35:53 CEST 2019] payload='{}'
[Mon May  6 17:35:53 CEST 2019] POST
[Mon May  6 17:35:53 CEST 2019] _post_url='https://acme-v02.api.letsencrypt.org/acme/challenge/SPH1oHvs_uQwKax9uN8DP4yoENli0itQYdwVG5LcuQE/15557108187'
[Mon May  6 17:35:53 CEST 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon May  6 17:35:54 CEST 2019] _ret='0'
[Mon May  6 17:35:54 CEST 2019] code='400'


Just Follow :

http://forum.centos-webpanel.com/ssl/install-let'sencrypt-for-admin-panel-user-panel-again-100-working/
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: evansa on June 18, 2019, 08:12:41 PM
....panel.betahostserver.com:Verify error:DNS problem: SERVFAIL looking up CAA for betahostserver.com..

This is clearly a DNS problem.

please ensure the hostname resolves to the public IP of your VPS
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: picknkeith on July 05, 2019, 02:54:56 PM
For what it's worth, this worked.  However, I ran into the issue on Chrome that my site was not secure.  When I read this post  and saw "Green" padlock, I immediately thought about Firefox (which is usually where I only see the green padlock).  So, I pulled up Firefox and sure enough, it worked.  I then went back to Chrome, pulled up an incognito tab, and it worked there.  So, I killed the original tab, cleared cache, and it worked.  Moral of the story: Try other browsers.
Thanks to the OP for helping with my solution.
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: jamshed_206 on July 07, 2019, 08:39:32 AM
For what it's worth, this worked.  However, I ran into the issue on Chrome that my site was not secure.  When I read this post  and saw "Green" padlock, I immediately thought about Firefox (which is usually where I only see the green padlock).  So, I pulled up Firefox and sure enough, it worked.  I then went back to Chrome, pulled up an incognito tab, and it worked there.  So, I killed the original tab, cleared cache, and it worked.  Moral of the story: Try other browsers.
Thanks to the OP for helping with my solution.

I am glad that it worked for you.
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: jamshed_206 on September 24, 2019, 01:48:39 AM
I have purchased a new cert and clicked the "Install new Certificate" option and that all completes correcty (shows cert as Self Signed: No and shows the cert type as the new REAL one).

However, when I go to https://server.domain.dom:2087 it still is using the old "self signed" default cert. Is there a step missing? I restarted Apache but not working still. So it appears like its gone to plan but the old cert is still there.

I have removed my browsers cache for the accepted self signed cert previously used so It shouldnt be releated to that.

Now, CWP has more powerful mechanism to Change hostname SSL. Now, you will have to only click on Change Hostname Button and select the services where you want to install the SSL.

Later on, you can change the SSL files with your own purchased SSL.
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: jony on May 06, 2020, 12:46:42 AM
Hello,

I could see that a lot of users are asking "How to install SSL on hostname" and I found a few tutorials some of which are working and others do not. Also, the tutorials which are working are lenghty and not for linux newbie.

So, I will teach you here how to install and configure Letsencrypt Free SSL on hostname in CWP in simple 3 steps.

1 - Check that you should have an A record for the hostname. For example if your server hostname is cp.hostinpk.com, then you should have an A record for "cp" pointing to server IP

2 - Login to CWP Admin Panel>> Server Settings>>Change Hostname and then hit "Change Hostname" button after putting your desired hostname (in my case cp.hostinpk.com). This will only generate a valid LE SSL for your hostname when an A record is present against hostname

3 - Perform following command from shell
Code: [Select]
service cwpsrv reload
THAT's IT. Enjoy the green padlock while accessing the CWP services (admin panel, user panel, webmail, etc..)



people like this friend are sorely missed on this forum
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: jamshed_206 on May 06, 2020, 12:56:35 AM
Hello,

I could see that a lot of users are asking "How to install SSL on hostname" and I found a few tutorials some of which are working and others do not. Also, the tutorials which are working are lenghty and not for linux newbie.

So, I will teach you here how to install and configure Letsencrypt Free SSL on hostname in CWP in simple 3 steps.

1 - Check that you should have an A record for the hostname. For example if your server hostname is cp.hostinpk.com, then you should have an A record for "cp" pointing to server IP

2 - Login to CWP Admin Panel>> Server Settings>>Change Hostname and then hit "Change Hostname" button after putting your desired hostname (in my case cp.hostinpk.com). This will only generate a valid LE SSL for your hostname when an A record is present against hostname

3 - Perform following command from shell
Code: [Select]
service cwpsrv reload
THAT's IT. Enjoy the green padlock while accessing the CWP services (admin panel, user panel, webmail, etc..)



people like this friend are sorely missed on this forum

I have not left the CWP and I am still here. :)
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: naeemirza on May 17, 2020, 11:07:02 PM
Hi,
I created instance at Google Cloud and after restart it changes the hostname automatically to default for which I had to issue SSL for numourous times while I was in process of setup.
Later I came to know that If I want to keep hostname permanent, I have to define while creating the instance. So I completely terminated the instance and re-created, installed CWP and used same hostname permanently during the creation of VM instance.

Now problem is I have created the instance but Let's Encrypt SSL is not allowing me to re-create the SSL for hostname/server fqdn with a message that I have created too many SSL and I can't create new for some specific time.

So I decided to use comodo SSL for the time being. Problem now is I don't know how to install manual SSL for my hostname.

Can anybody help me out on how to install Comodo SSL for my hostname? whereas the files I downloaded are following:

AAACertificateServices.crt
cloud_32n_co.crt
SectigoRSADomainValidationSecureServerCA.crt
USERTrustRSAAAACA.crt


Waiting for a positive responce from community.