Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
76
SSL / Install Letsencrypt SSL Certificate for your Server Hostname/FQDN, 100% Working
« on: April 18, 2018, 05:40:20 PM »
Hello Guys,
Today I am going to show you a easy steps to install Letsencrypt SSL Certificate for your Server Hostname/FQDN and I hope that it will be 100% working on your CentOS-Webpanel as mine .
Environment Details:
CentOS-Web Panel version: CWP7.admin
IP: Single (103.56.209.100)
RAM: 4 GB
Type: VPS
[root@server1 ~]# hostname
server1.datahead.biz
[root@server1 ~]# cat /etc/redhat-release
CentOS Linux release 7.4.1708 (Core)
[root@server1 ~]# getenforce
Disabled
[root@server1 ~]# systemctl status firewalld
â firewalld.service
Loaded: masked (/dev/null; bad)
Active: inactive (dead)
Must have proper DNS Records/Configuration
My Basic DNS records as follows:
A records with PTR
server1 103.56.209.100
ns1 103.56.209.100
ns2 103.56.209.100
server1.datahead.biz resolves to 103.56.209.100
ns1.datahead.biz resolves to 103.56.209.100
ns2.datahead.biz resolves to 103.56.209.100
After Completing all Basic configuration , Follow the Basic Steps below :
1.Apache Settings >> Letsencrypt Manager >> Install Letsencrypt
2. From Custom Install of Letsencrypt Options , Provide your Basic Information . Example :
Custom Install (can be used for hostname also):
Domain: server1.datahead.biz
Path:/usr/local/apache/htdocs/
UserName: nobody
Email: rubeldonarman@gmail.com [your valid email]
IP: 103.56.209.100
Port: 443
3. Now Click on "Install Custom Certificate"
===================After few Minutes , you will get below information as mine ===============
# vhost_start server1.datahead.biz
<VirtualHost 103.56.209.100:443>
ServerName server1.datahead.biz
ServerAdmin rubeldonarman@gmail.com
DocumentRoot /usr/local/apache/htdocs/
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/server1.datahead.biz/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/server1.datahead.biz/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/server1.datahead.biz/fullchain.pem
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
<IfModule mod_suexec.c>
SuexecUserGroup nobody nobody
</IfModule>
<IfModule mod_suphp.c>
suPHP_UserGroup nobody nobody
suPHP_ConfigPath /home/nobody
</IfModule>
<Directory "/usr/local/apache/htdocs/">
AllowOverride All
</Directory>
</VirtualHost>
# vhost_end server1.datahead.biz
========================== Copy the above information ========================
4.Go to Apache Settings >> Apache Include Conf >> hostname-ssl.conf
You will see your server self-sign ssl certificate as below (backup it before proceed):
# vhost_start server1.datahead.biz
<VirtualHost 103.56.209.100:443>
ServerName server1.datahead.biz
DocumentRoot /usr/local/apache/htdocs
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/server1.datahead.biz.cert
SSLCertificateKeyFile /etc/pki/tls/private/server1.datahead.biz.key
SSLCertificateChainFile /etc/pki/tls/certs/server1.datahead.biz.bundle
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
<IfModule mod_suexec.c>
SuexecUserGroup nobody nobody
</IfModule>
<IfModule mod_suphp.c>
suPHP_UserGroup nobody nobody
</IfModule>
<Directory "/usr/local/apache/htdocs">
AllowOverride All
</Directory>
</VirtualHost>
# vhost_end server1.datahead.biz
5. Delete self-sign ssl configuration and paste here your Letsencrypt Configuration as below :
# vhost_start server1.datahead.biz
<VirtualHost 103.56.209.100:443>
ServerName server1.datahead.biz
ServerAdmin rubeldonarman@gmail.com
DocumentRoot /usr/local/apache/htdocs/
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/server1.datahead.biz/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/server1.datahead.biz/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/server1.datahead.biz/fullchain.pem
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
<IfModule mod_suexec.c>
SuexecUserGroup nobody nobody
</IfModule>
<IfModule mod_suphp.c>
suPHP_UserGroup nobody nobody
suPHP_ConfigPath /home/nobody
</IfModule>
<Directory "/usr/local/apache/htdocs/">
AllowOverride All
</Directory>
</VirtualHost>
# vhost_end server1.datahead.biz
6. Click on "Save Changes"
7.Restart your Apache server
[root@server1 ~]# systemctl restart httpd
8. Now Edit and Save
[root@server1 ~]# vi /usr/local/cwpsrv/conf/cwpsrv.conf
server {
listen 2031;
listen 2087;
listen 2083;
server_name localhost;
ssl on;
ssl_session_timeout 90m;
ssl_certificate /etc/letsencrypt/live/server1.datahead.biz/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/server1.datahead.biz/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
error_page 497 https://$host:2087$request_uri;
9.Restart the services
[root@server1 ~]# systemctl restart httpd
[root@server1 ~]# systemctl restart cwpsrv
10. Finally Check and visit
CWP Admin Panel Link (by hostname)
https://server1.datahead.biz:2031/
https://server1.datahead.biz:2087/
CWP User Panel Link (by hostname)
https://server1.datahead.biz:2083/
if you need any kind of help , please comment
Today I am going to show you a easy steps to install Letsencrypt SSL Certificate for your Server Hostname/FQDN and I hope that it will be 100% working on your CentOS-Webpanel as mine .
Environment Details:
CentOS-Web Panel version: CWP7.admin
IP: Single (103.56.209.100)
RAM: 4 GB
Type: VPS
[root@server1 ~]# hostname
server1.datahead.biz
[root@server1 ~]# cat /etc/redhat-release
CentOS Linux release 7.4.1708 (Core)
[root@server1 ~]# getenforce
Disabled
[root@server1 ~]# systemctl status firewalld
â firewalld.service
Loaded: masked (/dev/null; bad)
Active: inactive (dead)
Must have proper DNS Records/Configuration
My Basic DNS records as follows:
A records with PTR
server1 103.56.209.100
ns1 103.56.209.100
ns2 103.56.209.100
server1.datahead.biz resolves to 103.56.209.100
ns1.datahead.biz resolves to 103.56.209.100
ns2.datahead.biz resolves to 103.56.209.100
After Completing all Basic configuration , Follow the Basic Steps below :
1.Apache Settings >> Letsencrypt Manager >> Install Letsencrypt
2. From Custom Install of Letsencrypt Options , Provide your Basic Information . Example :
Custom Install (can be used for hostname also):
Domain: server1.datahead.biz
Path:/usr/local/apache/htdocs/
UserName: nobody
Email: rubeldonarman@gmail.com [your valid email]
IP: 103.56.209.100
Port: 443
3. Now Click on "Install Custom Certificate"
===================After few Minutes , you will get below information as mine ===============
# vhost_start server1.datahead.biz
<VirtualHost 103.56.209.100:443>
ServerName server1.datahead.biz
ServerAdmin rubeldonarman@gmail.com
DocumentRoot /usr/local/apache/htdocs/
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/server1.datahead.biz/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/server1.datahead.biz/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/server1.datahead.biz/fullchain.pem
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
<IfModule mod_suexec.c>
SuexecUserGroup nobody nobody
</IfModule>
<IfModule mod_suphp.c>
suPHP_UserGroup nobody nobody
suPHP_ConfigPath /home/nobody
</IfModule>
<Directory "/usr/local/apache/htdocs/">
AllowOverride All
</Directory>
</VirtualHost>
# vhost_end server1.datahead.biz
========================== Copy the above information ========================
4.Go to Apache Settings >> Apache Include Conf >> hostname-ssl.conf
You will see your server self-sign ssl certificate as below (backup it before proceed):
# vhost_start server1.datahead.biz
<VirtualHost 103.56.209.100:443>
ServerName server1.datahead.biz
DocumentRoot /usr/local/apache/htdocs
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/server1.datahead.biz.cert
SSLCertificateKeyFile /etc/pki/tls/private/server1.datahead.biz.key
SSLCertificateChainFile /etc/pki/tls/certs/server1.datahead.biz.bundle
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
<IfModule mod_suexec.c>
SuexecUserGroup nobody nobody
</IfModule>
<IfModule mod_suphp.c>
suPHP_UserGroup nobody nobody
</IfModule>
<Directory "/usr/local/apache/htdocs">
AllowOverride All
</Directory>
</VirtualHost>
# vhost_end server1.datahead.biz
5. Delete self-sign ssl configuration and paste here your Letsencrypt Configuration as below :
# vhost_start server1.datahead.biz
<VirtualHost 103.56.209.100:443>
ServerName server1.datahead.biz
ServerAdmin rubeldonarman@gmail.com
DocumentRoot /usr/local/apache/htdocs/
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/server1.datahead.biz/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/server1.datahead.biz/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/server1.datahead.biz/fullchain.pem
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
<IfModule mod_suexec.c>
SuexecUserGroup nobody nobody
</IfModule>
<IfModule mod_suphp.c>
suPHP_UserGroup nobody nobody
suPHP_ConfigPath /home/nobody
</IfModule>
<Directory "/usr/local/apache/htdocs/">
AllowOverride All
</Directory>
</VirtualHost>
# vhost_end server1.datahead.biz
6. Click on "Save Changes"
7.Restart your Apache server
[root@server1 ~]# systemctl restart httpd
8. Now Edit and Save
[root@server1 ~]# vi /usr/local/cwpsrv/conf/cwpsrv.conf
server {
listen 2031;
listen 2087;
listen 2083;
server_name localhost;
ssl on;
ssl_session_timeout 90m;
ssl_certificate /etc/letsencrypt/live/server1.datahead.biz/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/server1.datahead.biz/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
error_page 497 https://$host:2087$request_uri;
9.Restart the services
[root@server1 ~]# systemctl restart httpd
[root@server1 ~]# systemctl restart cwpsrv
10. Finally Check and visit
CWP Admin Panel Link (by hostname)
https://server1.datahead.biz:2031/
https://server1.datahead.biz:2087/
CWP User Panel Link (by hostname)
https://server1.datahead.biz:2083/
if you need any kind of help , please comment
