Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - carbonhosting

Pages: [1]
1
SSL / Re: Trouble installing SSL from Comodo [Nginx Failed]
« on: August 12, 2018, 04:26:31 PM »
Hi, Just letting you know that we ran into the same issue at Carbon Hosting for a client.

We had the issue with Comodo EV.

Even after following this guide at https://www.namecheap.com/support/knowledgebase/article.aspx/9771/2238/apache-error-x509checkprivatekeykey-values-mismatch

My solution was to take the web server back to only Apache. (It was Apache, Nginx, Varnish)

Install the cert using the /admin/index.php?module=ssl_certificate "Manual Install"
I copied in the cert and private key, clicked on generate Intermediate certificates.
Checking that this worked, rebuild the server as Apache, Nginx, Varnish

Also you may want to edit the master vhost template to remove TLSv1 (/admin/index.php?module=vhost_tpl)
CWP Configuration Templates for nginx_proxy_vhost_ssl

ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on;

Save and rebuild the vhost

Now test your domain using https://www.ssllabs.com/ssltest/analyze.html

Regards
Carbon Hosting

Pages: [1]