01-14-2012, 06:54 PM | #1 |
Junior Member
Join Date: Jan 2012
Location: Copenhagen, Denmark
Posts: 12
|
How do I add a RapidSSL SSL certificate to ISPManager?
Hi there
I've just bought a RapidSSL SSL certificate for a domain I have in ISPManager that has an IP address assigned to just that domain. I'm really struggling to get it working. The instructions I got from RapidSSL are as follows: INSTALLATION INSTRUCTIONS 1. INSTALL CERTIFICATE: Install the X.509 version of your certificate included at the end of this email. For installation instructions for your SSL Certificate, go to: https://knowledge.rapidssl.com/suppo...ent&id=SO16226 2. INTERMEDIATE CERTIFICATE ADVISORY: You MUST install the RapidSSL intermediate Certificate included at the end of this e-mail on your server together with your Certificate or it may not operate correctly. You can also get your RapidSSL intermediate Certificates at: https://knowledge.geotrust.com/suppo...tent&id=AR1422 3. CHECK INSTALLATION: Ensure you have installed your certificate correctly at: https://knowledge.rapidssl.com/suppo...ewlocale=en_US I'm fairly sure I managed to get the actual certificate installed, but I have no idea how to get part 2 done, plus even after restarting the server, https://mydomain.com is using an untrusted certificate. There's no evidence that my RapidSSL cert is installed. Any help would be greatly appreciated. Cheers Jim |
01-14-2012, 08:03 PM | #2 |
ISPsystem team
Join Date: May 2008
Location: ISPsystem
Posts: 588
|
Hello, use SSL certificates module in ISPmanager on user level, install cerficate and enable in the module or in WWW domain properties (for new ISPmanager 4.4.x).
Check SSL certificate in IE/Chrome, for Firefox you should add RapidSSL CA to Apache configuration file into SSL VirtualHost SSLCACertificateFile /var/www/httpd-cert/ca.crt Code:
wget -O /var/www/httpd-cert/ca.crt "https://knowledge.rapidssl.com/library/VERISIGN/ALL_OTHER/RapidSSL%20Intermediate/RapidSSL_CA_bundle.pem" --no-check-certificate Last edited by slava; 01-14-2012 at 08:27 PM. |
01-15-2012, 06:53 PM | #3 |
Junior Member
Join Date: Jan 2012
Location: Copenhagen, Denmark
Posts: 12
|
Many thanks for your quick reply Slava!
I've done what you suggested and got no errors. Not sure if it's possible for me to test properly though as I haven't changed the dns for the domain yet (moving it to a new server), so am viewing it by editing the hosts file on my Macbook Pro. When I view https://lecafeshop.co.uk I actually get: Could it be that it isn't possible to see an https via editing the hosts file? Cheers Jim |
01-15-2012, 08:47 PM | #4 |
ISPsystem team
Join Date: May 2008
Location: ISPsystem
Posts: 588
|
You have certificate for localhost name
I think you have a problem in the Apache configuration, and at this IP address you already have a site that listens to the SSL-connection. You should check the Apache configuration file and find the SSL-host who is above VirtualHost your site and remove it. |
01-16-2012, 01:44 PM | #5 |
Junior Member
Join Date: Jan 2012
Location: Copenhagen, Denmark
Posts: 12
|
Mmm... I thought I'd removed that.
In my /var/www/httpd-cert/ directory I have the following: ca.crt lecafeshop.co.uk crt lecafeshop.co.uk.key In ISPManager I have the following under ssl: Would you recommend I delete everything and start again? |
01-16-2012, 02:06 PM | #6 |
Junior Member
Join Date: Jan 2012
Location: Copenhagen, Denmark
Posts: 12
|
Okay - I've deleted what I had in there now and will try and start again.
What I received from RapidSSL is the following: * Web Server CERTIFICATE * INTERMEDIATE CA When I click 'New' under the SSL module in ISPManager do I need to select 'Request' or 'Existing' here? For this server, it's a brand new SSL certificate. Looking at other instructions, I should select 'existing', but I have no idea where I get the certificate key from. I'm clueless when it comes to SSL certs I'm afraid... Definitely not my strongpoint. |
01-16-2012, 06:33 PM | #8 |
Junior Member
Join Date: Jan 2012
Location: Copenhagen, Denmark
Posts: 12
|
Thanks for your help. This is now resolved and I've successfully installed the cert.
|
Tags |
ssl rapidssl certificate |
|
|