Forum

This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.
Sentora Support Forums Sentora Forum Archives Sentora Public Support Forums v1.0.x Community Guides & How-To's v1.0.x v How to add SSL withtout messing up your config for FREE

How to add SSL withtout messing up your config for FREE
j.waibel Offline
Sentora Member
*
OS: Debian/Ubuntu/FreeBSD/OpenBSD
Version: 1.0.0
Server: Dedicated
Posts: 15
Threads: 3
Joined: Oct 2014
Reputation: 0
Sex: Undisclosed
Thanks: 0
Given 7 thank(s) in 2 post(s)
#2
RE: How to add SSL withtout messing up your config for FREE
 12-02-2014, 10:03 PM (This post was last modified: 12-02-2014, 11:31 PM by j.waibel.)
Another Tip:

Install a free startCom SSL certificate and install this in your server:

Below is my setup for my webmail setup (This is inside a virtualhost override for a domain to allow to have the webmail running at: https://webmail.jwd.de/

for the vhost overide see: Using Custom Vhost Entries for Webmail, MySQL, Etc.

Code:
</VirtualHost>

# Configuration for WebMail - webmail.jwd.de

Listen 80.83.120.44:443
<VirtualHost *:80>
   ServerName webmail.jwd.de
   Redirect permanent / https://webmail.jwd.de
</Virtualhost>

<VirtualHost 80.83.120.44:443>
   ServerAdmin webmaster[at]jwd.de
   DocumentRoot "/etc/sentora/panel/etc/apps/webmail/"
   ServerName webmail.jwd.de
    php_admin_value open_basedir "/etc/sentora/panel/etc/apps/webmail/:/etc/sentora/configs/roundcube/:/var/sentora/temp/"
    php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec"


   AddType application/x-httpd-php .php3 .php
   <Directory /etc/sentora/panel/etc/apps/webmail/>
       Require all granted
       AllowOverride All
       <IfModule mod_php5.c>
               php_admin_flag engine on
       </IfModule>
   </Directory>
   SSLEngine on
   SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2
   SSLCipherSuite ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM;^M    SSLHonorCipherOrder on
   SSLCertificateFile /srv/hostdata/zadmin/ssl_certs/webmail_jwd_de/webmail.jwd.de.crt
   SSLCertificateKeyFile /srv/hostdata/zadmin/ssl_certs/webmail_jwd_de/webmail.jwd.de.pem
   SSLCertificateChainFile /srv/hostdata/zadmin/ssl_certs/startssl-class1-intermediate.crt

Please make sure you include "   SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2" in your ssl setup, because alot apache installations still enable the insecure SSLv3.

One more Tip:

Test if your SSL setup is correct by testing with https://www.ssllabs.com/ssltest/

J
Find
Reply
Thanks given by:


Messages In This Thread
RE: How to add SSL withtout messing up your config for FREE - by j.waibel - 12-02-2014, 10:03 PM

Possibly Related Threads…
Thread Author Replies Views Last Post
Corectly config the iptables to open ports (Centos 6.x) Mykael 0 4 ,231 05-16-2016, 12:17 AM
Last Post: Mykael
Secure your domain with Free SSL/TLS Certificates (Centos 7) PsyKitty 8 24 ,968 02-18-2016, 07:07 PM
Last Post: kineticsnc
Domain Free Cantalupo 2 8 ,218 02-16-2015, 04:23 AM
Last Post: Anonymous User

Forum Jump:


Users browsing this thread: 2 Guest(s)