Join the community today
Become a Member

SSL How to point my certificate?

Discussion in 'Domains, DNS, Email & SSL Certificates' started by lserpes, Sep 29, 2018.

  1. lserpes

    lserpes New Member

    7
    0
    1
    Jul 12, 2018
    Ratings:
    +0
    Local Time:
    3:17 PM
    -
    -
    I ask your help to point my certificate correctly. It is generated successfully and even shows in crt.sh, but the site continues without ssl.
    I think I have to configure it manually, but I can not.

    BuyPass (tutorial): New Feature: DNS-01 Challenge implemented
    The developer tried to help me, but the setting seems to be different for Centmin Mod.
    Installation (get ssl): https://www.itextpad.com/MrhlNGqAzQ

    I am using CentminMod 123.09beta01 7.2
     
  2. eva2000

    eva2000 Administrator Staff Member

    40,620
    9,014
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,880
    Local Time:
    4:17 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    How was the initial letsencrypt ssl certificate obtained ? Which method ?
    • Was the domain nginx vhost alreadying created prior or new domain nginx vhost site setup for first time ?
    • Via centmin.sh menu option 2, 22, /usr/bin/nv ?
    • If you ran centmin.sh menu option 2 or 22, which letsencrypt option did you select from
      Code (Text):
      -------------------------------------------------------------
      Setup full Nginx vhost + Wordpress + WP Plugins
      -------------------------------------------------------------
      
      Enter vhost domain name you want to add (without www. prefix): acme3.domain1.com
      
      Create a self-signed SSL certificate Nginx vhost? [y/n]: n
      Get Letsencrypt SSL certificate Nginx vhost? [y/n]: y
      
      You have 4 options:
      1. issue staging test cert with HTTP + HTTPS
      2. issue staging test cert with HTTPS default
      3. issue live cert with HTTP + HTTPS
      4. issue live cert with HTTPS default
      Enter option number 1-4: 1
      
     
  3. lserpes

    lserpes New Member

    7
    0
    1
    Jul 12, 2018
    Ratings:
    +0
    Local Time:
    3:17 PM
    -
    -
    It's not Let's Encrypt, but rather a free BuyPass certificate.
     
    style="display:inline-block;min-width:400px;max-width:970px;width:95%;height:90px" data-ad-client="ca-pub-6669518204467592" data-ad-slot="4024536743" data-ad-format="auto">
  4. eva2000

    eva2000 Administrator Staff Member

    40,620
    9,014
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,880
    Local Time:
    4:17 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    There's generally 3 ways of setting up HTTPS SSL certificate for Centmin Mod Nginx HTTP/2 based HTTPS. In your case you'd have to follow method 1. Though easiest way is to follow method 2 (fresh vhost) or 3 (existing non-https vhost)

    Method 1. The traditional way via centmin.sh menu option 2, 22 and selecting yes to self-signed ssl certificates first. Then converting the self-signed ssl certificate to paid or free (Letsencrypt) web browser trusted SSL certificates outlined at How to switch self-signed SSL certificate to paid SSL certificate ? You would still need to follow the same steps outlined at Nginx SPDY SSL Configuration for obtaining and purchasing the paid SSL certificate and most important part is the concatenation of the SSL provider provided filesto create the mentioned /usr/local/nginx/conf/ssl/domaincom/ssl-unified.crt and /usr/local/nginx/conf/ssl/domaincom/ssl-trusted.crtfiles referenced in your Nginx SSL vhost config file.

    You may need to also decide if you want to enable HTTP to HTTPS redirect outlined at How to force redirect from HTTP:// to HTTPS:// ?

    If you didn't answer yes at time of initial nginx vhost creation to self-signed ssl certificates, you can manually setup the self-signed ssl certificate via the vhost generator by checking self-signed ssl box and enter a domain name. This will outline instructions for manually creating and setting up self-signed ssl certificate and nginx vhost settings. Then for web browser trusted ssl certificates you switch follow - How to switch self-signed SSL certificate to paid SSL certificate ?.

    Method 2. Using and testing Centmin Mod 123.09beta01's new addons/acmetool.sh addon which is still in beta testing only for integrating Letsencrypt SSL certificates. And has both auto and manual methods.

    Method 3. Fully manual method for free Letsencrypt SSL certificates.
    Note:
    • For wordpress auto installer, you actually need a read method 2 to enable LETSENCRYPT_DETECT='y' then run centmin.sh menu option 22 which will detect letsencrypt support and display the additional letsencrypt prompts required to issue free letsencrypt ssl certificates for wordpress auto installer