Guide setting up SSL in Sentora
02-11-2015, 03:24 AM
(This post was last modified: 02-11-2015, 04:01 AM by Jayster.)
Setting up SSL in Sentora using CentOS.
1) Create a default domain eg: ssl.yourdomain.tld (this is the default domain for your default SSL Port Listen 443)
2) Make sure this is your first entry to the VHOST right after the Sentora panel vhost
example vhost entry:
3) Setup your certificate and key files in Module Admin>>Apache Config>>Select VHOST
4) Then select your first domain entry you've created in step 1 (ssl.yourdomain.tld)
5) Set PORT OVERRIDE: 443
6) Set IP OVERRIDE: Leave this BLANK
7) Custom Entry
8) Save it, wait until daemon runs.
or you can force Daemon manually by typing code below in your terminal.
TAKE NOTE:
Before restarting Apache service.
Go to your default SSL configuration (in CentOS path)
/etc/httpd/conf.d/ssl.conf
Search for the line "Listen 443" then comment this
eg: 443
Save it, restart your apache service "service httpd restart"
Now you have a sticky Listen Port 443 entry in your Sentora VHOST without a conflicting the deafult SSL.CONF
which cause binding error or Address already in use: make_sock: could not bind to address error.
1) Create a default domain eg: ssl.yourdomain.tld (this is the default domain for your default SSL Port Listen 443)
2) Make sure this is your first entry to the VHOST right after the Sentora panel vhost
example vhost entry:
Code:
################################################################
# Apache VHOST configuration file
# Automatically generated by Sentora 1.0.0
# Generated on: 08:49 11th Feb 2015 PHT
#==== YOU MUST NOT EDIT THIS FILE : IT WILL BE OVERWRITTEN ====
# Use Sentora Menu -> Admin -> Module Admin -> Apache config
################################################################
NameVirtualHost *:80
NameVirtualHost *:443
Listen 80
Listen 443
# Configuration for Sentora control panel.
<VirtualHost *:80>
ServerAdmin zadmin@localhost
DocumentRoot "/etc/sentora/panel/"
ServerName sentora.yourdmain.tld
ErrorLog "/var/sentora/logs/sentora-error.log"
CustomLog "/var/sentora/logs/sentora-access.log" combined
CustomLog "/var/sentora/logs/sentora-bandwidth.log" common
AddType application/x-httpd-php .php
<Directory "/etc/sentora/panel/">
Options +FollowSymLinks -Indexes
AllowOverride All
Order allow,deny
Allow from all
</Directory>
# Custom settings are loaded below this line (if any exist)
</VirtualHost>
################################################################
# Sentora generated VHOST configurations below.....
################################################################
# DOMAIN: ssl.yourdomain.tld
<virtualhost 192.168.200.10:443>
ServerName ssl.yourdomain.tld
ServerAlias www.ssl.yourdomain.tld
ServerAdmin zadmin@localhost
DocumentRoot "/var/sentora/hostdata/zadmin/public_html/ssl_yourdomain_tld"
php_admin_value open_basedir "/var/sentora/hostdata/zadmin/public_html/ssl_yourdomain_tld:/var/sentora/temp/"
php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec"
ErrorLog "/var/sentora/logs/domains/zadmin/ssl.yourdomain.tld-error.log"
CustomLog "/var/sentora/logs/domains/zadmin/ssl.yourdomain.tld-access.log" combined
CustomLog "/var/sentora/logs/domains/zadmin/ssl.yourdomain.tld-bandwidth.log" common
<Directory "/var/sentora/hostdata/zadmin/public_html/ssl_yourdomain_tld">
Options +FollowSymLinks -Indexes
AllowOverride All
Order Allow,Deny
Allow from all
</Directory>
AddType application/x-httpd-php .php3 .php
ErrorDocument 404 /_errorpages/404.html
ErrorDocument 403 /_errorpages/403.html
ErrorDocument 510 /_errorpages/510.html
ErrorDocument 500 /_errorpages/500.html
DirectoryIndex index.html index.htm index.php index.asp index.aspx index.jsp index.jspa index.shtml index.shtm
# Custom Global Settings (if any exist)
# Custom VH settings (if any exist)
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
</virtualhost>
# END DOMAIN: ssl.yourdomain.tld
################################################################3) Setup your certificate and key files in Module Admin>>Apache Config>>Select VHOST
4) Then select your first domain entry you've created in step 1 (ssl.yourdomain.tld)
5) Set PORT OVERRIDE: 443
6) Set IP OVERRIDE: Leave this BLANK
7) Custom Entry
Code:
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key8) Save it, wait until daemon runs.
or you can force Daemon manually by typing code below in your terminal.
Code:
php -q /etc/sentora/panel/bin/daemon.phpTAKE NOTE:
Before restarting Apache service.
Go to your default SSL configuration (in CentOS path)
/etc/httpd/conf.d/ssl.conf
Search for the line "Listen 443" then comment this
eg: 443
Save it, restart your apache service "service httpd restart"
Now you have a sticky Listen Port 443 entry in your Sentora VHOST without a conflicting the deafult SSL.CONF
which cause binding error or Address already in use: make_sock: could not bind to address error.
get top priority support for Sentora "Sentora Premium Support"
Domain Name Promos @ digix1 domains
Domain Name Promos @ digix1 domains
