Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - Jim Meijer

Pages: [1]
SSL / Re: How to install multiple SSL certificates on shared IP
« on: May 12, 2018, 11:48:52 AM »
Dear reader,

Since two weeks I have a cloud server with a Dutch provider, Neostrada.
I have been with Neostrada as an affiliate marketer for 10 years and have several domains. For speed, and therefore a plus point to rank in Google, you really need a Cloud Server. Ok, I have one now. 10cpu / 20gb ram and enough ssd storage space.

I am a user, not a programmer. I have been working with Appel for 20 years and am used to working with a computer with software without having to solve all kinds of problems related to the functionality of the system. Before I switched to Apple, I always worked with Suse Linux. So I have an obsolete knowledge base to work with a linux system. Once again I am a clear user and want a system to work for me.

The first virtual server installation was done by Neostrada. CentOS server with cPanel and WHM installation. I pay 16 euros per month on top of the monthly costs of the cloud server. Everything works fine, I can install wordpress without any effort. And I can do what I like to do, make affiliate websites to earn money!

Website copied from a standard hosting domain, and put on the cloud server. Everything is fine, I only had to adjust the php.ini, the maximum size of an upload file. Standard seemingly 2m, I made 1024m. Furthermore, no problem.

Now I'm going to test the speed of my webpage. That was ultimately my reason to rent a cloud server. The most important test site for me is Google's speed insights. If I do not get 100% here, my website will not go online!
With a standard hosting I normally do not go beyond 86 - 91%. The problem is always the server response time. This is normally between .8 and 1.3 sec. If I want to reach 100%, I have to have a server response time that is faster than 200ms (0.2sec).
Ok everything on the cloud server is ready and the test shows that I am not faster than a standard hosting. (Standard hosting at Neostrada is 6 cpu / ssd for 96 euro per year excluding VAT). For the cloud server I pay 99.95 euros per month (10cpu / 20gB memory plus 27.95 for cPanel with ssl certificate.

Dam, the cloud server is nothing faster than standard hosting. But much more expensive. Performed several tests, and came to the conclusion that it is a save installation. Always working, fully guaranteed, but really not fast. I decided to set up my cloud server myself. It can not be true that a cloud server of more than 100 euros per month is not faster than a standard hosting of 8 euros per month ?!

I have a choice of CentOS, debian, freeBSD and Ubuntu. First I have to have a replacement before Cpanel is not too expensive. Because at first the preinstalled cloud server with CentOS is too slow, I did not look at CWP7. After some searching on the net, I came to Vitual min. 60 euros per year per IP address. cPanel Solo is 15 euros per month x 12 = 180 euros per year.

VirtualMin works great on my first test with a debian server. I use NgiNx as a replacement for Apache. Works fine with VirtualMin, but .... The ngiNx version for VirtualMin on Debian is 1.10.2 and I can not install a PageSpeed module. At least I've been trying it for three days and I'm not getting it working. Not a good combination for me. And my web performence does not exceed 91% with Speed Insights from Google.

On the cloud server of my provider the installation of FreeBSD and Ubuntu failed completely. Why? I do not know. I think it's up to the provider. I am now sufficiently worried, if my provider can not provide a good installation, I will not go far to find out why that is. I am afraid that I will only get more problems because apparently their support is not sufficient for these Linux packages.

Ok, back to CentOS 7.4. New cloud server created without virtual manager. Everything just old fashioned installed by hand. Yep everything works, NgiNx 1.13 with pagespeed, mysql, mariaDB, php and wordpress. Cloudcmd as browser file manager. Apple terminal as terminal manager. Yes, Speed insights 96%. All I have to do is compress my css and I will be 100%. great, very satisfied. Top.

But .... suddenly there is an update of CentOS which consists of 357 updates. Nothing works after the update. After a few hours of dabbling and heavy frustration, I find out that my / var directory has changed to / fs / var ???? No program could therefore still find the PID file. Nginx and some more programs manually adjusted and the PID files in a different directory. Yep everything works again, but still some problems. 5 hours later and 20 reboots the / fs / var directory is suddenly back to normal and just / var. I fall from my chair, tend to throw my computer against the wall. I want to kill my girlfriend and shoot the neighbor dead.

After hyperventilating for 1 hour, I put everything back as it was. Everything works properly again but the speed test does not go beyond 91% and I suddenly have no browser compression anymore !! That is really too much for me. I then decide to look for another virtual manager. This is how I end up here at the CentOS web panel. In the hope that they have designed a manager who installs ssl and nginx without any problems. Without having to trudge for hours to get it running. Do I ask too much? Is it special what I want? Just wordpress with NgiNx. Speed Insight at 100% with a server response time of less than 200ms. That does not seem too much, does it? For the time being I have been working for two weeks, without any satisfactory result.

I confess immediately that my basic knowledge is limited (at least that is what I learned from the past two weeks). But surely there will be a Virtual Manager who understands what a user wants and that also simply installs without any problems? Or should I hire an expert for 500 euros, to make an installation that just does it?

I hope that there is someone who reads this story and understands my frustration. Hopefully an expert, and then informed me that he is ordering my installation for a small amount.

Because CWP7pro also starts immediately with some frustration. I have created a new CentOS with the necessary updates and a clean CWP7 installation. 1 user created as proposed in the documentation of CWP7. Next I want to install my SSL certificate for my domain. That is already a frustration in itself.

I start with "How to install multiple SSL certificates on shared IP". What? multiple SSL on shared IP? I only have 1 certificate with key and bunddle. I have searched in the documentation of CWP7 but nowhere can I find how I simply install 1 certificate for a website domain!

Then continue reading in "How to install multiple SSL certificates on shared IP".

1. Install Browser Valid SSL Certificate (no exception needs to be added in your browser). That seems to be what I need. Oh, I have to fill in a few things and then request a certificate. Pfff, I do not need that because I already have a certificate!

I then start at point 3.
3.Once you have received new SSL Certificate from valid seller you can download it by clicking on "Browse installed SSL Certificates" in CWP SSL Generator
and edit file "/etc/pki/tls/certs/DOMAIN.COM.cert"

I go to SSL Generator and look for "Browse installed SSL Certificates". Frustrating, its not existing! Maybe they mean SSL Certificate Manager? Ok, i click on it. Yep, now I see an option "/etc/pki/tls/certs/DOMAIN.COM.cert". I click on it.
Yep the filemanager goes to / etc / pki / tls / certs /. Mmmm there I seem to find DOMAIN.COM.cert.

Unfortunately, the file DOMAIN.COM.cert is not there. There are only 2 files that end in .CERT And that are make-dummy-cert and renew-dummy-cert. Ok I stop here, because the documentation does not match the actual installation.

As I read further in the documentation, someone named fafache responded on November 08, 2015, with the title "Maybe you need a better tutorial ..." He explains clearly how it should be done! That the makers of CWP7 have not yet adapted their documentation after 2015 is incomprehensible. But it also tells me something about the product they are trying to promote.

I continue reading "A) the clean way:"
Ok, I go to SSL Generator and fill all the fields. Domain name with WWW. is generated.

Next step:
"OK, now you can buy a certificate, in the certificate generation process, you need to give the .CSR (key inside www.yourdomain.tld.csr) to your SSL Dealer."
I already had a certificate, so I skip this step.

Next step:
1. in your CWPanel → Apache settings → SSL cert Manager
2. follow the / etc / pki / tls / cert web-link for File Manager in this directory.
Then I suddenly have a file manager that completely makes my screen unreadable. That means that I end up on a blank screen. There is everything at the bottom of the screen. But because the screen is only half legible, I can not do anything with it. This is a part of the error message that appears at the bottom of the screen:
" →
Fatal error: Uncaught Error: Call to undefined function ereg () in /usr/local/cwpsrv/htdocs/resources/admin/modules/file_manager.php:0 Stack trace: # 0 / usr / local / cwpsrv / htdocs / resources / admin / modules / file_manager.php (0): simplify_path ('/ etc / pki / tls / ce ...') # 1 /usr/local/cwpsrv/htdocs/resources/admin/modules/file_manager.php(0) : relative2absolute ('/ etc / pki / tls / ce ...', '/ etc / pki / tls / ce ...') # 2 / usr / local / cwpsrv / htdocs / resources / admin / modules / file_manager. php (0): listing (Array) # 3 /usr/local/cwpsrv/htdocs/resources/admin/modules/file_manager.php(0): listing_page () # 4 / usr / local / cwpsrv / htdocs / admin / admin /index.php(0): unknown () # 5 {main} thrown in /usr/local/cwpsrv/htdocs/resources/admin/modules/file_manager.php on line 0

Fantastic, but what do I have to do with it? Half legible. Ok, I decide to reboot, maybe that helps.


Nope, no change. The file manager still has a distorted picture.

I go to the Advanced PHP File manager. Locate the directory / etc / pki / tls / certs /.
I find NO file www.yourdomain.tld.csr there.
But a file www.yourdomain.tld.cert
I rename the www.yourdomain.tld.cert for yourdomain.tld.cert. Why, it's a gamble. I do not know it either!

Hey, that's weird, I can not change this file!

This is the end of my trip with CWP7. I followed the documentation on the letter. Now I do not know what to do anymore. Meanwhile spent 5 hours on CWP7, to come to the conclusion that the package is simply not good and full of mistakes. The documentation does not match the program.

Pages: [1]