Control Web Panel

WebPanel => How to => Topic started by: jamshed_206 on May 05, 2019, 09:03:16 AM

Title: [Tutorial] How to install SSL on hostname?
Post by: jamshed_206 on May 05, 2019, 09:03:16 AM
Hello,

I could see that a lot of users are asking "How to install SSL on hostname" and I found a few tutorials some of which are working and others do not. Also, the tutorials which are working are lenghty and not for linux newbie.

So, I will teach you here how to install and configure Letsencrypt Free SSL on hostname in CWP in simple 3 steps.

1 - Check that you should have an A record for the hostname. For example if your server hostname is cp.hostinpk.com, then you should have an A record for "cp" pointing to server IP

2 - Login to CWP Admin Panel>> Server Settings>>Change Hostname and then hit "Change Hostname" button after putting your desired hostname (in my case cp.hostinpk.com). This will only generate a valid LE SSL for your hostname when an A record is present against hostname

3 - Perform following command from shell
Code: [Select]
service cwpsrv reload
THAT's IT. Enjoy the green padlock while accessing the CWP services (admin panel, user panel, webmail, etc..)
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: Dragan on May 06, 2019, 03:39:13 PM
This is my error.

AutoSSL: Issue Failed![Mon May  6 17:35:28 CEST 2019] Single domain='panel.betahostserver.com'
[Mon May  6 17:35:28 CEST 2019] Getting domain auth token for each domain
[Mon May  6 17:35:30 CEST 2019] Getting webroot for domain='panel.betahostserver.com'
[Mon May  6 17:35:30 CEST 2019] Verifying: panel.betahostserver.com
[Mon May  6 17:35:33 CEST 2019] Pending
[Mon May  6 17:35:36 CEST 2019] Pending
[Mon May  6 17:35:38 CEST 2019] Pending
[Mon May  6 17:35:40 CEST 2019] Pending
[Mon May  6 17:35:43 CEST 2019] Pending
[Mon May  6 17:35:46 CEST 2019] Pending
[Mon May  6 17:35:48 CEST 2019] Pending
[Mon May  6 17:35:51 CEST 2019] Pending
[Mon May  6 17:35:53 CEST 2019] panel.betahostserver.com:Verify error:DNS problem: SERVFAIL looking up CAA for betahostserver.com
[Mon May  6 17:35:53 CEST 2019] Please check log file for more details: /root/.acme.sh/acme.sh.log

In /root/.acme.sh/acme.sh.log  is

[Mon May  6 17:35:53 CEST 2019] skip dns.
[Mon May  6 17:35:53 CEST 2019] _on_issue_err
[Mon May  6 17:35:53 CEST 2019] Please check log file for more details: /root/.acme.sh/acme.sh.log
[Mon May  6 17:35:53 CEST 2019] url='https://acme-v02.api.letsencrypt.org/acme/challenge/SPH1oHvs_uQwKax9uN8DP4yoENli0itQYdwVG5LcuQE/15557108187'
[Mon May  6 17:35:53 CEST 2019] payload='{}'
[Mon May  6 17:35:53 CEST 2019] POST
[Mon May  6 17:35:53 CEST 2019] _post_url='https://acme-v02.api.letsencrypt.org/acme/challenge/SPH1oHvs_uQwKax9uN8DP4yoENli0itQYdwVG5LcuQE/15557108187'
[Mon May  6 17:35:53 CEST 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon May  6 17:35:54 CEST 2019] _ret='0'
[Mon May  6 17:35:54 CEST 2019] code='400'

Title: Re: [Tutorial] How to install SSL on hostname?
Post by: jamshed_206 on May 07, 2019, 11:09:16 AM
It seems that you have not A record for panel.betahostserver.com.

So, kindly go to DNS manager and add an A record for panel with server IP.
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: Guax on May 13, 2019, 10:01:35 AM
Excellent tutorial jamshed_206, thank you very much, I have had problems lately with this topic and now I have it much clearer. ;)
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: jamshed_206 on May 13, 2019, 10:44:03 AM
Excellent tutorial jamshed_206, thank you very much, I have had problems lately with this topic and now I have it much clearer. ;)

I am happy to see you happy. Enjoy the CWP and if you have any issue, contact me.
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: rhunyady on May 25, 2019, 09:15:53 PM
Followed the tutorial and still no green padlock!
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: jamshed_206 on May 27, 2019, 01:22:36 AM
Followed the tutorial and still no green padlock!

Can you send me your hostname.
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: imtom on May 30, 2019, 03:27:02 PM
I followed these instructions and without success, I went and obtained a Comodo SSL Certificate but cannot even add that to the server.


[root@hostsrv ~]# service cwpsrv reload
Redirecting to /bin/systemctl reload cwpsrv.service
[root@hostsrv ~]#

No errors

But when I go tot he site the browser keeps saying : 
This site is not secure

And in Opera I can't even override it as I can with MS Explorer

Any suggestions?
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: jamshed_206 on May 30, 2019, 04:02:53 PM
I followed these instructions and without success, I went and obtained a Comodo SSL Certificate but cannot even add that to the server.


[root@hostsrv ~]# service cwpsrv reload
Redirecting to /bin/systemctl reload cwpsrv.service
[root@hostsrv ~]#

No errors

But when I go tot he site the browser keeps saying : 
This site is not secure

And in Opera I can't even override it as I can with MS Explorer

Any suggestions?


Kindly confirm that you have an A record for the hostname?
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: rhunyady on May 30, 2019, 07:19:24 PM
Followed the tutorial and still no green padlock!

Can you send me your hostname.

ctrl.xfxtechserv.com

I do have an A record set for it too
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: imtom on May 30, 2019, 08:41:00 PM
it has both the A and the rDNS on the IP for the MX to work properly and if I try to put in my comodo ssl it says I created too many for the week , via the panel
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: Jason on June 15, 2019, 12:07:21 AM
Hello,

I could see that a lot of users are asking "How to install SSL on hostname" and I found a few tutorials some of which are working and others do not. Also, the tutorials which are working are lenghty and not for linux newbie.

So, I will teach you here how to install and configure Letsencrypt Free SSL on hostname in CWP in simple 3 steps.

1 - Check that you should have an A record for the hostname. For example if your server hostname is cp.hostinpk.com, then you should have an A record for "cp" pointing to server IP

2 - Login to CWP Admin Panel>> Server Settings>>Change Hostname and then hit "Change Hostname" button after putting your desired hostname (in my case cp.hostinpk.com). This will only generate a valid LE SSL for your hostname when an A record is present against hostname

3 - Perform following command from shell
Code: [Select]
service cwpsrv reload
THAT's IT. Enjoy the green padlock while accessing the CWP services (admin panel, user panel, webmail, etc..)

Thank You works like a charm :)
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: evansa on June 15, 2019, 08:40:59 PM
Followed the tutorial and still no green padlock!

Can you send me your hostname.

ctrl.xfxtechserv.com resolves to 24.154.72.145. Is this the IP of your cwp server?

I do have an A record set for it too
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: evansa on June 15, 2019, 08:41:25 PM
ctrl.xfxtechserv.com resolves to 24.154.72.145. Is this the IP of your cwp server?
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: glorency on June 18, 2019, 10:21:52 AM
This is my error.

AutoSSL: Issue Failed![Mon May  6 17:35:28 CEST 2019] Single domain='panel.betahostserver.com'
[Mon May  6 17:35:28 CEST 2019] Getting domain auth token for each domain
[Mon May  6 17:35:30 CEST 2019] Getting webroot for domain='panel.betahostserver.com'
[Mon May  6 17:35:30 CEST 2019] Verifying: panel.betahostserver.com
[Mon May  6 17:35:33 CEST 2019] Pending
[Mon May  6 17:35:36 CEST 2019] Pending
[Mon May  6 17:35:38 CEST 2019] Pending
[Mon May  6 17:35:40 CEST 2019] Pending
[Mon May  6 17:35:43 CEST 2019] Pending
[Mon May  6 17:35:46 CEST 2019] Pending
[Mon May  6 17:35:48 CEST 2019] Pending
[Mon May  6 17:35:51 CEST 2019] Pending
[Mon May  6 17:35:53 CEST 2019] panel.betahostserver.com:Verify error:DNS problem: SERVFAIL looking up CAA for betahostserver.com
[Mon May  6 17:35:53 CEST 2019] Please check log file for more details: /root/.acme.sh/acme.sh.log

In /root/.acme.sh/acme.sh.log  is

[Mon May  6 17:35:53 CEST 2019] skip dns.
[Mon May  6 17:35:53 CEST 2019] _on_issue_err
[Mon May  6 17:35:53 CEST 2019] Please check log file for more details: /root/.acme.sh/acme.sh.log
[Mon May  6 17:35:53 CEST 2019] url='https://acme-v02.api.letsencrypt.org/acme/challenge/SPH1oHvs_uQwKax9uN8DP4yoENli0itQYdwVG5LcuQE/15557108187'
[Mon May  6 17:35:53 CEST 2019] payload='{}'
[Mon May  6 17:35:53 CEST 2019] POST
[Mon May  6 17:35:53 CEST 2019] _post_url='https://acme-v02.api.letsencrypt.org/acme/challenge/SPH1oHvs_uQwKax9uN8DP4yoENli0itQYdwVG5LcuQE/15557108187'
[Mon May  6 17:35:53 CEST 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon May  6 17:35:54 CEST 2019] _ret='0'
[Mon May  6 17:35:54 CEST 2019] code='400'


Just Follow :

http://forum.centos-webpanel.com/ssl/install-let'sencrypt-for-admin-panel-user-panel-again-100-working/
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: evansa on June 18, 2019, 08:12:41 PM
....panel.betahostserver.com:Verify error:DNS problem: SERVFAIL looking up CAA for betahostserver.com..

This is clearly a DNS problem.

please ensure the hostname resolves to the public IP of your VPS
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: picknkeith on July 05, 2019, 02:54:56 PM
For what it's worth, this worked.  However, I ran into the issue on Chrome that my site was not secure.  When I read this post  and saw "Green" padlock, I immediately thought about Firefox (which is usually where I only see the green padlock).  So, I pulled up Firefox and sure enough, it worked.  I then went back to Chrome, pulled up an incognito tab, and it worked there.  So, I killed the original tab, cleared cache, and it worked.  Moral of the story: Try other browsers.
Thanks to the OP for helping with my solution.
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: jamshed_206 on July 07, 2019, 08:39:32 AM
For what it's worth, this worked.  However, I ran into the issue on Chrome that my site was not secure.  When I read this post  and saw "Green" padlock, I immediately thought about Firefox (which is usually where I only see the green padlock).  So, I pulled up Firefox and sure enough, it worked.  I then went back to Chrome, pulled up an incognito tab, and it worked there.  So, I killed the original tab, cleared cache, and it worked.  Moral of the story: Try other browsers.
Thanks to the OP for helping with my solution.

I am glad that it worked for you.
Title: Re: [Tutorial] How to install SSL on hostname?
Post by: jamshed_206 on September 24, 2019, 01:48:39 AM
I have purchased a new cert and clicked the "Install new Certificate" option and that all completes correcty (shows cert as Self Signed: No and shows the cert type as the new REAL one).

However, when I go to https://server.domain.dom:2087 it still is using the old "self signed" default cert. Is there a step missing? I restarted Apache but not working still. So it appears like its gone to plan but the old cert is still there.

I have removed my browsers cache for the accepted self signed cert previously used so It shouldnt be releated to that.

Now, CWP has more powerful mechanism to Change hostname SSL. Now, you will have to only click on Change Hostname Button and select the services where you want to install the SSL.

Later on, you can change the SSL files with your own purchased SSL.