The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSL Not installing

Discussion in 'General Discussion' started by fog, Feb 21, 2005.

  1. fog

    fog Well-Known Member

    Joined:
    Jun 22, 2002
    Messages:
    164
    Likes Received:
    0
    Trophy Points:
    16
    Hello,

    A client needed an SSL cert. I generated everything for him and assigned his domain a dedicated IP. He had me generate it for secure.domain.com. When I go to WHM and enter secure.domain.com it fetches everything. I then paste the cert info and click do it... it works for like 3 seconds but the screen never changes and the SSL does not work.

    I have never seen this before. Any ideas?
     
  2. vincentg

    vincentg Well-Known Member

    Joined:
    May 12, 2004
    Messages:
    140
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    new york
    Install it from shell - it only requires adding two files and adding a section to httpd.conf.

    Vin
     
  3. fog

    fog Well-Known Member

    Joined:
    Jun 22, 2002
    Messages:
    164
    Likes Received:
    0
    Trophy Points:
    16
    Is there a guide for that?
     
  4. vincentg

    vincentg Well-Known Member

    Joined:
    May 12, 2004
    Messages:
    140
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    new york
    Here's what to do

    First the site needs a dedicated IP and if does not have one you must assign one.

    Your certs are located in /usr/share/ssl/certs

    You need to copy your .crt and your cabundle there.

    If your SSL provider gave you these files then just rename them as follows:

    my_domain_name.crt
    my_domain_name.cabunldle

    Where my_domain_name is the websites domain name - mydomain.com

    In /usr/share/ssl/private/ you should have a .key file named as my_doamin_name.key
    Where my_domain_name is the domain name of the website
    You don't need to touch the key file you just need to make sure it's there.

    These files need to be in ASCII form so if you can't read them in notepad then you need to convert them.

    If you didn't get them as files then just create the files in a text editor either on your PC or on the server using vi or pico.

    Next step is to modify httpd.conf which is located in /usr/local/apache/conf

    Be careful here - a wrong entry will cause http to not work.
    Make a backup of this file in case you have a problem.

    Edit the file and add this:

    <IfDefine SSL>
    <VirtualHost my_ip:443>
    ServerAdmin my_contact_email
    DocumentRoot /usr/local/apache/htdocs
    BytesLog domlogs/my_domain_name-bytes_log
    ServerName my_domain_name
    CustomLog /usr/local/apache/domlogs/my_domain_name-ssl_log "%t %{version}c %{cipher}c %{clientcert}c"
    SSLEnable
    SSLCertificateFile /usr/share/ssl/certs/my_domain_name.crt
    SSLCertificateKeyFile /usr/share/ssl/private/my_domain_name.key
    SSLCACertificateFile /usr/share/ssl/certs/my_domain_name.cabundle
    SSLLogFile /var/log/my_domain_name

    #UserDir public_html

    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
    </VirtualHost>
    </IfDefine>

    The CA bundle is your CA file
    The cert is your CRT file
    The Key was created by Cpanel and is there already - use the name of it or rename it if you wish so it matches what's in the httpd.conf file.

    Place your website IP in place of my_ip
    Place your domain name in place of my_domain_name
    Place your contact email in place of my_contact_email

    That's it

    Vincent G.
     
Loading...

Share This Page