Page 1 of 2
Secure Connection to Panel!
Posted: Mon May 23, 2016 4:16 am
by phantomore
Hey!, First and foremost, again, I would love to thank the team!
I want to secure the Vesta CP Page so that it does not show,"your connection is not safe" error every time on a new computer.
What needs to be done? I know on Cpanel, you need to issue a wildcard, then it removes that error?
what do i need todo for vesta specifically?
Thanks!
Re: Secure Connection to Panel!
Posted: Mon May 23, 2016 5:20 am
by toylerrr
You can get any type of cert for the panel it just hast to match the TLD for the server so if I connected to my server via myserver.com:8083 then I need a cert for myserver.com
Re: Secure Connection to Panel!
Posted: Mon May 23, 2016 6:43 am
by skurudo
XoXiLhJ0mn wrote:
If you buy a certificate from a recognized company, then most browsers will accept it.
You don't need to buy, there is StartSSL / Wosign / Let's Encrypt - free ssl for all
Re: Secure Connection to Panel!
Posted: Mon May 23, 2016 3:52 pm
by phantomore
I went with wosign, i have added the cert to webpage.
both main page and FQDN set up with vesta
but it still shows the error, is there anything backend i need to?
thanks again!
Sincerely
Re: Secure Connection to Panel!
Posted: Mon May 23, 2016 3:57 pm
by phantomore
it says i need to install intermediate certs.
I did that with the webpage ssl config on the vestacp,
is there anything i missed?
Re: Secure Connection to Panel!
Posted: Mon May 23, 2016 6:57 pm
by skamasle
Vestacp SSL are in /usr/local/vesta/ssl
If you want access to 8083 whit veryfy ssl you need put there your ssl.
Re: Secure Connection to Panel!
Posted: Tue May 24, 2016 3:05 am
by phantomore
I went and followed everything!
It wont work, is there any online instructions?
thanks:)
Re: Secure Connection to Panel!
Posted: Tue May 24, 2016 1:01 pm
by tjebbeke
Don't forget to restart vesta-nginx!
Re: Secure Connection to Panel!
Posted: Tue May 24, 2016 2:18 pm
by skurudo
You can add cerf from existing domain like this:
- connect via ssh
- edit file /usr/local/vesta/nginx/conf/nginx.conf
- change this line
Code: Select all
ssl on;
ssl_certificate /usr/local/vesta/ssl/certificate.crt;
ssl_certificate_key /usr/local/vesta/ssl/certificate.key;
to this (path to our certificate)
Code: Select all
ssl on;
# ssl_certificate /usr/local/vesta/ssl/certificate.crt;
# ssl_certificate_key /usr/local/vesta/ssl/certificate.key;
ssl_certificate /home/admin/conf/web/ssl.domain.ru.pem;
ssl_certificate_key /home/admin/conf/web/ssl.domain.ru.key;
- restart VestaCP
And you'll have secure access to CP via
https://youdomain.ru:8083
Re: Secure Connection to Panel!
Posted: Wed May 25, 2016 3:29 am
by phantomore
ssl on;
# ssl_certificate /usr/local/vesta/ssl/certificate.crt;
# ssl_certificate_key /usr/local/vesta/ssl/certificate.key;
ssl_certificate /home/admin/conf/web/ssl.phantomore.com.pem;
ssl_certificate_key /home/admin/conf/web/ssl.phantomore.com.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
I got this, edited, done, all great, but secure connection still doesnt work?
Is there anything wrong with ssl config with phantomore.com?
Update : Just checked SSL Crypto Checker, they said the SSL did not match server because I installed on serverhk.phantomore.com
I got my ssl with wosign
then when i check serverhk.phantomore.com:8083, then it states the selfassigned certificate is assigned.
both serverhk.phantomore.com and phantomore.com has ssl installed, but not "properly", I just noticed it says it was installed in the wrong order? which oder do i need to install the intermediate from wosign?
Thank you again for the great support.