SSL setup on EHCP
User's Recommand: Advanced
I have found a way to get SSL to work with EHCP. See link for demo!
Im not going to explain everything but with my networking guide and reading topics about Apache. You shouldnt have a issue!
You can use OpenSSL or purchase your own.
Note:OpenSSL is not supported by most browsers. Buying is recommanded but OpenSSL is also a opinon.
You need to get your server.crt and example.key files placed in a folder name it whatever you desire under Apache's program root folder. Most people just name it SSL.
You'll need to insert SSLEngine into your new website in Sites enabled and Sites Available. Google for the code.
Copy EHCP folder into var/www
Make a new folder & name it whatever you want.
I used html
So now you'll need to do a few things to continue and get it working.
edit and change the cp's file location in classapp.php
make a template that goes to your new cp.
make a backup and save the org cp in vhosts just in case.
**IF 2 CP's are enabled you'll need to change or remove one of them so there will not be a conflict**
Message Expected for this will be. (This page contains secure & not secure items continue?)
Restart everything and you should be all set!
If you use OpenSSL and happen to purchase one online.
You just have to replace the new .crt file or delete all text in file and insert the new one.
Example site of EHCP SSL located Below
https://www.webhostinghand.com
Andy Jordaan
Sat, 11/19/2016 - 10:24
Permalink
Installing a (Purchased ) SSL
Hi
How Current is this " How To " ?
I am in the process of installing a SSL on a VPS and I do not see much correlation from whats said here to whats in my VPS's " var/www " folder
For anybody out there with similar problems I am using Ubuntu (14.04) and ended up using this string to get a correct scr
openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out mydomain.com.csr
* change mydomain.com to your own domain stuff
I now need to install the certificate
Andy Jordaan
Mon, 11/21/2016 - 22:09
Permalink
Installing a (Purchased ) SSL
Anybody done a SSL install recently on EHCP and Ubuntu (14.04) ?
I seem to be having problems in the etc/apache2 folder with SSL and the sites available / sites enabled Folders and their files.
in Ubuntu 14.04 it seems they now all working off Default files as in :
sites available has " 000-default.conf "
and
Sites enabled only has " default "
this looks like, to me it seem a clear conflict as for the listening on port 80 - non SSL and port 443 SSL
when I create a file for the https website and " sudo a2ensite website " it indicated done but nothing in the " sites enabled " folder
The certificates are installed in their etc/ssl/certs and etc/ssl/private folder
Anybody shed some light here ?
Tks
Andy
Andy Jordaan
Tue, 11/22/2016 - 12:25
Permalink
Installing a (Purchased ) SSL Update
Ok So I now know a bit more.
You have to go to " OPTIONS " the advanced Setting at the Bottom the select the "SSL"option
This will Put a "default-ssl " file in the etc/apache2/sites-enabled Folder
Still does not work but it is a step further
Andy
Andy Jordaan
Tue, 02/28/2017 - 14:05
Permalink
Ok , a bit of advice for any future https website users
Server :: Ubuntu 14.04 VPS
I have got the https running for a specific website, but is very unstable, it can run for weeks and all of a sudden one of three things happen
++++++++++++++++++++++++++++++
1. The Apache2 in etc/apache2 looses the secure website in "Sites Enabled " it also drops the secure port " Listen *:443 " in "ports.config "
I have learnt to keep a complete copy of the "apache2 " folder and merely kill the faulty one, Replace with the standby apache2 folder the run " service apache2 reload "
+++++++++++++++++++++++++++++
2 Periodically the mysql screws up somewhere and I do not have a connection to the website MYSQL I have to run
" service mysql restart "
++++++++++++++++++++++++++++++
3 Very infrequently the my.cnf in etc/mysql/my.cnf decides to re-write itself and writes the bind adress as "bind-address=127.0.0.1" (localhost) and not the correct VPS bind-address as in "bind-address=127.127.0.127" (Fictitious IP Address)
I keep a spare my.cnf
Hope this helps some one
Andy