SSL setup on EHCP

Submitted by BlackFire Predsident on Wed, 02/04/2009 - 15:51

User's Recommand: Advanced

I have found a way to get SSL to work with EHCP. See link for demo!
Im not going to explain everything but with my networking guide and reading topics about Apache. You shouldnt have a issue!

You can use OpenSSL or purchase your own.
Note:OpenSSL is not supported by most browsers. Buying is recommanded but OpenSSL is also a opinon.

You need to get your server.crt and example.key files placed in a folder name it whatever you desire under Apache's program root folder. Most people just name it SSL.

You'll need to insert SSLEngine into your new website in Sites enabled and Sites Available. Google for the code.

Copy EHCP folder into var/www
Make a new folder & name it whatever you want.

I used html
So now you'll need to do a few things to continue and get it working.

edit and change the cp's file location in classapp.php
make a template that goes to your new cp.
make a backup and save the org cp in vhosts just in case.

**IF 2 CP's are enabled you'll need to change or remove one of them so there will not be a conflict**
Message Expected for this will be. (This page contains secure & not secure items continue?)

Restart everything and you should be all set!

If you use OpenSSL and happen to purchase one online.
You just have to replace the new .crt file or delete all text in file and insert the new one.

Example site of EHCP SSL located Below
https://www.webhostinghand.com

Forums: 
ehcp HowTo's

Andy Jordaan

Sat, 11/19/2016 - 10:24

Hi
How Current is this " How To " ?

I am in the process of installing a SSL on a VPS and I do not see much correlation from whats said here to whats in my VPS's " var/www " folder

For anybody out there with similar problems I am using Ubuntu (14.04) and ended up using this string to get a correct scr

openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out mydomain.com.csr
* change mydomain.com to your own domain stuff

I now need to install the certificate

Andy Jordaan

Mon, 11/21/2016 - 22:09

Anybody done a SSL install recently on EHCP and Ubuntu (14.04) ?

I seem to be having problems in the etc/apache2 folder with SSL and the sites available / sites enabled Folders and their files.
in Ubuntu 14.04 it seems they now all working off Default files as in :

sites available has " 000-default.conf "
and
Sites enabled only has " default "

this looks like, to me it seem a clear conflict as for the listening on port 80 - non SSL and port 443 SSL

when I create a file for the https website and " sudo a2ensite website " it indicated done but nothing in the " sites enabled " folder

The certificates are installed in their etc/ssl/certs and etc/ssl/private folder

Anybody shed some light here ?

Tks

Andy

Andy Jordaan

Tue, 11/22/2016 - 12:25

Ok So I now know a bit more.

You have to go to " OPTIONS " the advanced Setting at the Bottom the select the "SSL"option

This will Put a "default-ssl " file in the etc/apache2/sites-enabled Folder

Still does not work but it is a step further

Andy

Andy Jordaan

Tue, 02/28/2017 - 14:05

Server :: Ubuntu 14.04 VPS

I have got the https running for a specific website, but is very unstable, it can run for weeks and all of a sudden one of three things happen

++++++++++++++++++++++++++++++

1. The Apache2 in etc/apache2 looses the secure website in "Sites Enabled " it also drops the secure port " Listen *:443 " in "ports.config "

I have learnt to keep a complete copy of the "apache2 " folder and merely kill the faulty one, Replace with the standby apache2 folder the run " service apache2 reload "

+++++++++++++++++++++++++++++

2 Periodically the mysql screws up somewhere and I do not have a connection to the website MYSQL I have to run
" service mysql restart "

++++++++++++++++++++++++++++++

3 Very infrequently the my.cnf in etc/mysql/my.cnf decides to re-write itself and writes the bind adress as "bind-address=127.0.0.1" (localhost) and not the correct VPS bind-address as in "bind-address=127.127.0.127" (Fictitious IP Address)

I keep a spare my.cnf

Hope this helps some one

Andy