SSL DNS Letsencrypt DNS update and SSL install post server migration

If you had setup Centmin Mod Ngnx vhosts with self-signed SSL, you could of tried acmetool.sh add reissue-only option for existing nginx HTTPS SSL vhosts with domain.com.ssl.conf vhost config files that exist. This only does reissue of letsencrypt SSL cert without touching the nginx vhost. Ideal for use when you tried creating a Nginx HTTPS SSL default vhost site but letsencrypt SSL issuance failed the first time. When it fails, Centmin Mod usually falls back to self-signed SSL as a place holder for the domain.com.ssl.conf vhost config. When you run:

Code (Text):

cd /usr/local/src/centminmod/addons
./acmetool.sh reissue-only domain.com live

It will only try reissuing the letsencrypt SSL certificate for the domain = domain.com for live production SSL certificate without touching any of the existing nginx vhost at domain.com.ssl.conf

But as you opted to setup Centmin Mod Nginx vhosts without any HTTPS (self-signed), you can just follow the method 3 outlined method below for existing non-HTTPS nginx vhost sites migration to HTTPS.

There's generally 3 ways of setting up HTTPS SSL certificate for Centmin Mod Nginx HTTP/2 based HTTPS

Method 1. The traditional way via centmin.sh menu option 2, 22 but ensuring you set LETSENCRYPT_DETECT='y' in persistent config file created at /etc/centminmod/custom_config.inc before you run centmin.sh menu option 2 or 22 for wordpress. You can do that using command below - only need to do this step once and every subsequent run of centmin.sh menu option 2 or 22 will have letsencrypt ssl certificate support enabled

Code (Text):

# enable letsencrypt ssl certificate integration https://centminmod.com/acmetool/
touch /etc/centminmod/custom_config.inc
echo "LETSENCRYPT_DETECT='y'" >> /etc/centminmod/custom_config.inc

Method 2. Using and testing Centmin Mod 123.09beta01's new addons/acmetool.sh addon which is still in beta testing only for integrating Letsencrypt SSL certificates. And has both auto and manual methods.

Method 3. Fully manual method for free Letsencrypt SSL certificates.

• For existing non-HTTPS Nginx vhost sites migration to HTTPS as outlined at Migrating Existing Nginx Vhost From HTTP to HTTP/2 based HTTPS With Letsencrypt SSL Certificates
• For brand new Nginx vhosts not yet created on server use this guide Using Centmin Mod acmetool.sh addon for Nginx HTTP/2 based HTTPS with free Letsencrypt SSL certificates

 

Tricky situation. If you have cpanel SSL certs, you can just use those on your modified Centmin Mod Nginx temporarily until you change DNS over on domain. Or use Centmin Mod acmetool.sh's DNS method of validating Letsencrypt domain issuance Letsencrypt - Official acmetool.sh testing thread for Centmin Mod 123.09beta01 though it only works with Cloudflare DNS right now example here.

But easiest way I can see i use Cloudflare for domain then Cloudflare can provide HTTPS/SSL cert on front end and you can set Cloudflare SSL to Flexible SSL while you have Centmin Mod non-HTTPS Nginx vhost and change Cloudflare SSL to Full SSL once you internally changed Centmin Mod non-HTTPS Nginx vhost to HTTPS based Nginx vhost. That way visitors are uninterrupted as they only see Cloudflare HTTPS/SSL cert.

 

very nice speed improvement