Lets Encrypt SSL on main control panel URL.
01-10-2016, 11:17 PM
(This post was last modified: 01-12-2016, 06:29 AM by Skippy.)
This is all done on a BigV instance on Bytemark
## Let's Encript
now we have the Let's Encrypt package installed we set it up on the panel address
you will be asked for an email address… Make sure that it is one that you will not lose access to!.
the SSL certificates are located in `/etc/letsencrypt/live/njoror.squashedfly.eu`
Activate SSL (if not yet)
Restart apache
go to Sentora -> Admin -> Module Admin -> Apache Config
Under Global Sentora Entry:
If you add before the first </VirtualHost> it will always forward to the HTTPS page
- Spin up a new server on BigV
- Install Ubuntu 14.04.
- I have changed the reverse DNS to njoror.squashedfly.eu
- set up SSH Key login
- visit http://docs.sentora.org/?node=22 and follow the instructions: (you will need to double check the subdomain, and ipV4 address)Code:
bash <(curl -L -Ss http://sentora.org/install)
- update the DNS
- Our DNS is hosted with Cloudflare because it makes sense,
- A record to njoror to the ipV4 and AAAA record for ipV6 this allows direct access to njoror.squashedfly.eu (don't pass this domain via the CDN cloud), will also want the MX sorted some how.
- Our DNS is hosted with Cloudflare because it makes sense,
## Let's Encript
- following the instructions at http://forums.sentora.org/showthread.php?tid=688&page=3 as a start point…
Code:apt-get install git
cd ~
git clone https://github.com/letsencrypt/letsencryptcd letsencrypt
now we have the Let's Encrypt package installed we set it up on the panel address
Code:
./letsencrypt-auto certonly --webroot -w /etc/sentora/panel/ -d njoror.squashedfly.eu
you will be asked for an email address… Make sure that it is one that you will not lose access to!.
the SSL certificates are located in `/etc/letsencrypt/live/njoror.squashedfly.eu`
- cert.pem
- chain.pem
- fullchain.pem
- privkey.pem
Activate SSL (if not yet)
Code:
a2enmod ssl
Restart apache
Code:
service apache2 restart
go to Sentora -> Admin -> Module Admin -> Apache Config
Under Global Sentora Entry:
Code:
</VirtualHost>
Listen 443
<VirtualHost *:443>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCertificateFile /etc/letsencrypt/live/njoror.squashedfly.eu/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/njoror.squashedfly.eu/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/njoror.squashedfly.eu/fullchain.pem
DocumentRoot "/etc/sentora/panel/"
ServerName njoror.squashedfly.eu
ErrorLog "/var/sentora/logs/sentora-error.log"
CustomLog "/var/sentora/logs/sentora-access.log" combined
CustomLog "/var/sentora/logs/sentora-bandwidth.log" common
AddType application/x-httpd-php .php
<Directory "/etc/sentora/panel/">
Options +FollowSymLinks -Indexes
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Code:
restart apache - sudo service apache2 restart
If you add
Code:
Redirect Permanent / https://njoror.squashedfly.eu/