How do I add a RapidSSL SSL certificate to ISPManager?
Hi there
I've just bought a RapidSSL SSL certificate for a domain I have in ISPManager that has an IP address assigned to just that domain. I'm really struggling to get it working. The instructions I got from RapidSSL are as follows: INSTALLATION INSTRUCTIONS 1. INSTALL CERTIFICATE: Install the X.509 version of your certificate included at the end of this email. For installation instructions for your SSL Certificate, go to: https://knowledge.rapidssl.com/suppo...ent&id=SO16226 2. INTERMEDIATE CERTIFICATE ADVISORY: You MUST install the RapidSSL intermediate Certificate included at the end of this e-mail on your server together with your Certificate or it may not operate correctly. You can also get your RapidSSL intermediate Certificates at: https://knowledge.geotrust.com/suppo...tent&id=AR1422 3. CHECK INSTALLATION: Ensure you have installed your certificate correctly at: https://knowledge.rapidssl.com/suppo...ewlocale=en_US I'm fairly sure I managed to get the actual certificate installed, but I have no idea how to get part 2 done, plus even after restarting the server, https://mydomain.com is using an untrusted certificate. There's no evidence that my RapidSSL cert is installed. Any help would be greatly appreciated. Cheers Jim |
Hello, use SSL certificates module in ISPmanager on user level, install cerficate and enable in the module or in WWW domain properties (for new ISPmanager 4.4.x).
Check SSL certificate in IE/Chrome, for Firefox you should add RapidSSL CA to Apache configuration file into SSL VirtualHost SSLCACertificateFile /var/www/httpd-cert/ca.crt Code:
wget -O /var/www/httpd-cert/ca.crt "https://knowledge.rapidssl.com/library/VERISIGN/ALL_OTHER/RapidSSL%20Intermediate/RapidSSL_CA_bundle.pem" --no-check-certificate |
Many thanks for your quick reply Slava!
I've done what you suggested and got no errors. Not sure if it's possible for me to test properly though as I haven't changed the dns for the domain yet (moving it to a new server), so am viewing it by editing the hosts file on my Macbook Pro. When I view https://lecafeshop.co.uk I actually get: https://img.skitch.com/20120115-be5g...t61kctx8gy.jpg Could it be that it isn't possible to see an https via editing the hosts file? Cheers Jim |
You have certificate for localhost name
http://img24.imageshack.us/img24/9791/sslj.png I think you have a problem in the Apache configuration, and at this IP address you already have a site that listens to the SSL-connection. You should check the Apache configuration file and find the SSL-host who is above VirtualHost your site and remove it. |
Mmm... I thought I'd removed that.
In my /var/www/httpd-cert/ directory I have the following: ca.crt lecafeshop.co.uk crt lecafeshop.co.uk.key In ISPManager I have the following under ssl: https://img.skitch.com/20120116-t6uw...91q3a3qj45.jpg Would you recommend I delete everything and start again? |
Okay - I've deleted what I had in there now and will try and start again.
What I received from RapidSSL is the following: * Web Server CERTIFICATE * INTERMEDIATE CA When I click 'New' under the SSL module in ISPManager do I need to select 'Request' or 'Existing' here? For this server, it's a brand new SSL certificate. Looking at other instructions, I should select 'existing', but I have no idea where I get the certificate key from. I'm clueless when it comes to SSL certs I'm afraid... Definitely not my strongpoint. |
Check files in /etc/httpd.
in the SSL module you should create Existing |
Thanks for your help. This is now resolved and I've successfully installed the cert.
|
All times are GMT +2. The time now is 11:02 PM. |
Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2024, vBulletin Solutions, Inc.