SSL Archives - CloudMinister

How to configure Domain Name with VirtualHost in Centos 7 VPS and attach SSL certificate?

Several providers provides Domain Name service to its customer so that people need not remember the IP address of the web server. With the help of DNS the IP address can easily resolve with Domain Name and Vise Versa.

Prerequisite

1. Domain Name – Free(Freenom), Paid(Godaddy)

VPS – Centos 7
3. Web Server – apache, nginx

Configure Domain Name

In this blog we are going to take Free Domain Name from https://www.freenom.com, you can also purchase it from Godaddy.

Now follow the steps to configure the Domain Name:

Open the above given website and search for new domain.
Select the required domain and click on checkout option.
Now click on Use DNS option and also give the IP address of your VPS, also select the period from top right corner and then click on continue.

Click On Agree all the Terms and Condition checkbox and complete the shopping.

After that go inside the Domain Name and click on DNS management for your Domain.

Configure VPS

VPS stands for Virtual Private Server are the servers provided by many organizations like AWS, Azure that are used as

Web Server for Website Hosting and Database Server for storing database of all the customer.

For Example, Centos, Ubuntu, etc.

Now follow the steps to configure VirtualHost in Centos 7 VPS.
1. Open the server with SSH and type sudo command for non-root users.

After that go inside the /var/www/html directory and create new directory over their with the Domain Name by using the following command:

# sudo cd /var/www/html

# sudo mkdir yourdomain.com

# sudo cd yourdomain.com

# sudo vi index.html

After then write “Website under construction”.

Now create new conf file with server name in conf. directory

# sudo cd /etc/httpd/conf.d

# sudo vi yourdomain.com.conf

Now write the following code to create Virtual Host,

 

DocumentRoot “/var/www/html/learalot.ga”

ServerName learnalot.ga

ServerAlias www.learnalot.ga

<Directory “/var/www/html/learnalot.ga”>

Options FollowSymLinks

AllowOverride All

Options -Indexes

 

Redirect Permanent / https://learnalot.ga <—-> If you want to redirect http traffic to https.

 

DocumentRoot “/var/www/html/learnalot.ga”

ServerName learnalot.ga

ServerAlias www.learnalot.ga

<Directory “/var/www/html/learnalot.ga”>

Options FollowSymLinks

AllowOverride All

Options -Indexes

 

 

And save the file with :wq command.

Configure Web Server

For configuring Web Server you first decide which server you want to use for hosting website, Like apache, nginx, Microsoft IIS select any server based on your requirement.

In this we are going to install apache web server by using the following command:

# yum install -y httpd

# systemctl start httpd

# systemctl enable httpd

Configure SSL certificate

SSL stands for Secure Sockets Layer is a standard security technology for establishing an encrypted connection between the server and the client, Like Mail Server and Web server(Browser) and Mail Client.

Steps to configure the Let’s Encrypt Free SSL certificate in centos7 VPS.
1. Open this URL https://certbot.eff.org/ and click on Get certbot  instruction options.

Now select the software and VPS in which your website is running.

Run VPS with SSH and use sudo if you don’t have root privileges.
Enable EPEL repository by using the following command:
# yum install -y
https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

Now after that enable the optional channel by using the following command:

# yum -y install yum-utils

# yum-config-manager –enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional

6. Install certbot by using following command:

# yum install certbot python2-certbot-apache

Run this command to get a certificate and have Certbot edit your Apache configuration automatically to serve it, turning on HTTPS access in a single step.

# certbot –apache

Set up automatic renewal

# echo “0 0,12 * * * root python -c ‘import random;

import time; time.sleep(random.random() * 3600)’ && certbot

renew” | sudo tee -a /etc/crontab > /dev/null

Confirm that certbot worked by clicking on the particular website.

https://www.ssllabs.com/ssltest/

Enter your domain name and it will show that website is secured or not.

Test your Domain Name

Now after completing the above installation go to any browser and type the Domain Name yourdomain.com in the URL to check the configuration.

Before

After

CONCLUSION-

In this blog you can learn how to configure Domain Name with VirtualHost in centos 7 VPS and also learn how to configure SSL certificate in your website by using Let’s Encrypt Free SSL service provider.

How to install a free SSL certificate on domain via CWP panel?

Secure Domain Name with help of Let’s Encrypt in CWP, it provides an SSL certificate for 3 months and after we can easily update the SSL certificate for free with Let’s Encrypt in CWP.  This blog helps you to implement an SSL certificate on domains in CWP panel.

SSL

Secure Socket Layer

It is a protocol used for transmitting private documents via the internet,  it uses a cryptographic system that uses two keys to encrypt data: a public key known to everyone and a private or secret key known only to the recipient of the message.


Prerequisite 

1. CWP installed on centos(VPS)

2. Domain Name

Configure SSL

Firstly open the CWP on the browser with the help of the following URL:

https://domain_name:2038 and click on accept the risk and go ahead.

Now give credentials of the root user.

After this dashboard will be open and search for webServer settings in the left pane.


Select SSL Certificate option and after then select Auto SSL [Free] option.

Now select the appropriate User and Domain-based on your requirement.

After then click on Install SSL, apart from installing new you can also install manually or from the server.

After the domain attach successfully you can go test it with the various SSL checker

Now check your domain by typing in browser URL i.e https://domain_name.com

Redirect Traffic

You can also redirect traffic of HTTP to HTTPS by putting the following text in the domain_name.conf file and in CWP it is found under cd /usr/local/apache/conf.d/vhosts

Here found your conf file open it with vi editor and write the following code.

Redirect Permanent / https://domain_name.

CONCLUSION: After the above configuration, you will be able to use Free SSL certificate and also renew it from CWP.

How to configure hostname SSL with Let’s Encrypt in CWP?

Let’s Encrypt provides Free SSL certificate with the help of this you can secure your hostname easily.

Configure Hostname

Before configure SSL check the hostname and set it with the following command.

# hostname hosts.your_domain.com

You can also change the hostname from the CWP panel that is found under server settings, open it and give the hostname then save changes.

Also remember to create entry of particular hosts in the domain registrar with the A record and resolve it with IP_address.

Name            Type             TTL            Target 

Host_name          A            300            IP_address

Configure Letsencrypt SSL

To configure SSL certificate open CWP panel and search SSL certificates under WebServer settings and open it.

Now click on Install from server option and select certificate: hostname.cert and User: user_name after then click on install.

You can also test it with the help test button in the certificate panel.

These certificate files are used for cwp ports like:

Admin panel – (2030,2086-no SSL),(2031,2087-with SSL)

user panel – (2082-no SSL),(2083-with SSL)

Roundcube- (2095-no SSL),(2096-with SSL) 

CONCLUSION- From the above configuration, you will be able to configure the CWP admin panel and other services along with the certificate.

Get started with CloudMinister Today