Quote:Let's Encrypt for Sentora Login:
(Also found in our documentation HERE.)
Process done as ROOT user.
NOTICE: For CentOS servers replace apt-get with yum and replace apache2 with httpd
Installing git & Let’s Encrypt
Let’s Encrypt is a new Certificate Authority:
It’s free, automated, and open.
Check to make sure mod_ssl is installed:
On Sentora Panel go to Admin -> PHPinfo -> View Full PHP Configuration -> Search for mod_ssl
If not, install it:
NOTICE: For CentOS replace apt-get with yum
Code:apt-get install mod_ssl
Check to make sure openssl is installed: (openssl does not mandate the install of mod_ssl in CentOS 6.x)
On Sentora Panel go to Admin -> PHPinfo -> View Full PHP Configuration -> Search for openssl
If not, install it:
NOTICE: For CentOS replace apt-get with yum
Code:apt-get install openssl
REQUIRED for CentOS: Edit /etc/httpd/conf.d/ssl.conf and change Listen 443 to 443
Next, install git and Let's Encrypt:
NOTICE: For CentOS replace apt-get with yum
Code:apt-get install git
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto --help
Creating a Certificate for your domain
You need to turn off apache before creating a certificate or you will get something like
Quote:The program httpd (process ID XXXX) is already listening on TCP port 80. This will prevent us from binding to that port. Please stop the httpd program temporarily and then try again.
REMINDER: Replace panel.example.com by your Sentora login URL.
NOTICE: For CentOS replace apache2 with httpd
Code:service apache2 stop
./letsencrypt-auto certonly --standalone -d panel.domain.com
service apache2 start
Changing Sentora port:
On Sentora Panel go to Admin -> Sentora Config -> Sentora Apache Port change to 443 and Save.
Adding a Custom Entry to the Sentora Virtual Host
On Sentora Panel go to Admin -> Module Admin -> Apache Config > Global Sentora Entry
Don't forget to replace panel.example.com with your panel's login URL below: (Apache 2.4+)
Code:SSLEngine on
SSLProtocol ALL -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
SSLCertificateFile /etc/letsencrypt/live/panel.domain.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/panel.domain.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/panel.domain.com/chain.pem
# Keeping bellow for future upgrades.
# Requires Apache >= 2.4
SSLCompression off
Save Vhost.
Wait on daemon update or run it manually and restart apache.
NOTICE: For CentOS replace apache2 with httpd
Code:php -q /etc/sentora/panel/bin/daemon.php
service apache2 restart
Your panel login should now be secured by SSL.
You can test it here: https://www.ssllabs.com/ssltest/
Secure Sentora Login with Let's Encrypt
|
Thanks given by: FernandoGarcia
[Updated]
Thanks given by: worksmarter
|
« Next Oldest | Next Newest »
|
Possibly Related Threads… | |||||
Thread | Author | Replies | Views | Last Post | |
Secure Sentora Domains with Let's Encrypt | TGates | 27 | 97 ,305 |
06-08-2024, 05:06 PM Last Post: andykimpe |
|
Secure Sentora With SSLForFree | Chris L | 1 | 5 ,332 |
01-22-2020, 09:19 PM Last Post: ralphharder |
|
Fail2ban for Sentora (Centos 7) | bbspike | 14 | 48 ,758 |
01-14-2020, 07:32 AM Last Post: Vedran B |
Users browsing this thread: 1 Guest(s)