Vesta Control Panel - Forum

Posted: **Sat Jan 25, 2014 4:21 pm**

Помогите установить SSL сертификат от StartSSL
→ Error: certificate authority not found

Posted: **Sun Jan 26, 2014 5:35 pm**

Ребята, помогите установить сертификат CentOS 6.5 x64 на капле

Posted: **Sun Jan 26, 2014 5:47 pm**

I have same issue :D

Posted: **Mon Jan 27, 2014 6:59 pm**

mamanov wrote:Помогите установить SSL сертификат от StartSSL
→ Error: certificate authority not found

Please reference this topic: viewtopic.php?f=11&t=4020
Also if you cannot still get it to work who is your domain registar?

Posted: **Mon Jan 27, 2014 7:00 pm**

misak35 wrote:I have same issue :D

misak35, please explain what information you are inputting into each field and the process your using. We had a customer setup one without issue, so if you can give me the steps you used I will find out what they did and what your doing wrong.

Posted: **Mon Jan 27, 2014 7:54 pm**

I try everything. Nothing happen. When I use ca.pem (root) it sad Error: root or/and intermediate cerificate not found, also https://www.startssl.com/certs/sub.class1.client.ca.pem. But when I use https://www.startssl.com/certs/sub.class1.server.ca.pem it said Error: ssl certificate key pair is not valid.

Posted: **Mon Jan 27, 2014 10:22 pm**

misak35 wrote:I try everything. Nothing happen. When I use ca.pem (root) it sad Error: root or/and intermediate cerificate not found, also https://www.startssl.com/certs/sub.class1.client.ca.pem. But when I use https://www.startssl.com/certs/sub.class1.server.ca.pem it said Error: ssl certificate key pair is not valid.

Ok misak35 here's what I've found it was done on ISPCONFIG without any issues but I think it is where your placing your crt information and whether you are placing it in the correct fields.

This guide walks you through doing it in ISPCONFIG, and should be pretty close to VestaCP. http://blog.giuseppeurso.net/free-ssl-c ... sl-how-to/

According to this guide the contents of CA.pem must be placed in the "SSL Certificate Authority / Intermediate (optional)", as stated in the guide be careful to ensure you are copying all required information and not adding any extra spaces.

The first field of course should be certificate file you created using the startssl system, and the second being the key you used to generate the said certificate. Let me know if this helps, I'll try to dig up more if it doesn't.

Posted: **Mon Jan 27, 2014 10:52 pm**

Well, this guide said that ISPCONFIG generete file.. Where VestaCP generete that CSR file?

In the next form we need to paste the CSR generated by ISPConfig at one of the first steps (the one called “SSL Request” on the ISpconfig Web Domain SSL panel).
Just copy and paste it paying attention in order to NOT copy any other digit or blank spaces outside the two delimiters:

-----BEGIN CERTIFICATE REQUEST-----
and

-----END CERTIFICATE REQUEST-----

Posted: **Tue Jan 28, 2014 5:30 am**

misak35 wrote:Well, this guide said that ISPCONFIG generete file.. Where VestaCP generete that CSR file?
In the next form we need to paste the CSR generated by ISPConfig at one of the first steps (the one called “SSL Request” on the ISpconfig Web Domain SSL panel).
Just copy and paste it paying attention in order to NOT copy any other digit or blank spaces outside the two delimiters:

-----BEGIN CERTIFICATE REQUEST-----
and

-----END CERTIFICATE REQUEST-----

As of now there is not a built-in CSR generator for VestaCP you have to manually do it, as can be seen in the below referenced topic it has been added as feature request. To manually generate your Private key and CSR file use this code from SSH command prompt.

Code: Select all

openssl req -nodes -newkey rsa:2048 -keyout domain.key -out domain.csr

viewtopic.php?f=11&t=4020

The domain.key file is the SSL Key (2nd box) when setting up the SSL certificate on your server. The domain.csr is what you need to place in StartSSL when generating your certificate. Once you use the CSR and generate your certificate, you then place the text in that file in the SSL Certificate (1st box). The contents of CA.pem will be placed in the SSL Certificate Authority / Intermediate (3rd box).

Hope this helps.

Posted: **Tue Jan 28, 2014 3:39 pm**

I did that. Same problem :D nothing happen.

Maybe i need domain.key and domain.csr put somewhere else, because now i generate it on root.

Vesta Control Panel - Forum

SSL Certificate installation

SSL Certificate installation

Re: Установка сертификата SSL

Re: Установка сертификата SSL

Re: Установка сертификата SSL

Re: Установка сертификата SSL

Re: Установка сертификата SSL

Re: Установка сертификата SSL

Re: Установка сертификата SSL

Re: Установка сертификата SSL

Re: Установка сертификата SSL