Want more timely Centmin Mod News Updates?
Become a Member

Using option 22 for a site with an active Comodo SSL Cert

Discussion in 'Blogs & CMS usage' started by JJC84, Apr 16, 2018.

  1. JJC84

    JJC84 Premium Member Premium Member

    177
    74
    28
    Jan 31, 2018
    Ratings:
    +107
    Local Time:
    9:28 AM
    1.13.9
    10.1
    I got a free Comodo SSL cert with a domain I purchased and I was wondering if it is easier to set up the site using option 4 for https only and then just uploading the certificate and switching it out or is there something I am missing. I'm thinking about even revoking this certificate because I can't have both the Let's Encrypt cert which basically installs itself and this one at the same time without having issues. What do you think I should do. I did read the article on switching from a free let's encrypt certificate to a comodo commercial DV certificate commercial certificate. Is that the best option still? Thank you.
     
  2. eva2000

    eva2000 Administrator Staff Member

    37,235
    8,134
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,524
    Local Time:
    1:28 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    you mean SSL - Letsencrypt - How to remove a website off the acme tool? ? or you mean switch from self-signed ssl to paid outlined in below method 1 ? If you're intending on using paid SSL certificate don't setup letsencrypt ssl cert as you'll also setup a cronjob for letsencrypt auto renewal. Just use method 1 to use default self-signed SSL cert vhost setup first and then switch to paid ssl cert.

    There's generally 3 ways of setting up HTTPS SSL certificate for Centmin Mod Nginx HTTP/2 based HTTPS

    Method 1. The traditional way via centmin.sh menu option 2, 22 and selecting yes to self-signed ssl certificates first. Then converting the self-signed ssl certificate to paid or free (Letsencrypt) web browser trusted SSL certificates outlined at How to switch self-signed SSL certificate to paid SSL certificate ? You would still need to follow the same steps outlined at Nginx SPDY SSL Configuration for obtaining and purchasing the paid SSL certificate and most important part is the concatenation of the SSL provider provided filesto create the mentioned /usr/local/nginx/conf/ssl/domaincom/ssl-unified.crt and /usr/local/nginx/conf/ssl/domaincom/ssl-trusted.crtfiles referenced in your Nginx SSL vhost config file.

    You may need to also decide if you want to enable HTTP to HTTPS redirect outlined at How to force redirect from HTTP:// to HTTPS:// ?

    If you didn't answer yes at time of initial nginx vhost creation to self-signed ssl certificates, you can manually setup the self-signed ssl certificate via the vhost generator by checking self-signed ssl box and enter a domain name. This will outline instructions for manually creating and setting up self-signed ssl certificate and nginx vhost settings. Then for web browser trusted ssl certificates you switch follow - How to switch self-signed SSL certificate to paid SSL certificate ?.

    Method 2. Using and testing Centmin Mod 123.09beta01's new addons/acmetool.sh addon which is still in beta testing only for integrating Letsencrypt SSL certificates. And has both auto and manual methods.

    Method 3. Fully manual method for free Letsencrypt SSL certificates.
    Note:
    • For wordpress auto installer, you actually need a read method 2 to enable LETSENCRYPT_DETECT='y' then run centmin.sh menu option 22 which will detect letsencrypt support and display the additional letsencrypt prompts required to issue free letsencrypt ssl certificates for wordpress auto installer
     
    • Informative Informative x 1
  3. JJC84

    JJC84 Premium Member Premium Member

    177
    74
    28
    Jan 31, 2018
    Ratings:
    +107
    Local Time:
    9:28 AM
    1.13.9
    10.1
    Thanks for clearing that up. I was confused between the methods basically. It seems like using self-signed but not let's encrypt then switching out the certificates as in method #1 will do the trick well enough. Thank you!
     
..