Page 1 of 1

[SOLVED] How to install unsigned SSL for IP address?

Posted: Wed Jul 16, 2014 8:07 pm
by openyk
In the VestaCP admin panel, I go to web > edit then check the checkbox for SSL support. Then I click generate CSR with domain field as the IP address 123.456.78.910.

That outputs the CSR, certificate, and private key. I copy paste the certificate and key (entire selection in the fields) to the fields under SSL support checkbox on the edit page. Saving is successful and I try to go to https://123.456.78.910 but I get a "problem loading page". The normal http:// works fine.

How does one get the unsigned SSL working on their server for an IP address?

Successfully working with a domain name:

VestaCP admin panel > web > edit > check SSL support > generate CSR > Ok > copy paste full selection from "certificate" and "key" to their respective fields in the "edit" section from before (SSL certificate and SSL key), then save.

Solution with IP address:

METHOD 1 (with vestacp admin SSL certificate and key): you can find the unsigned SSL certificate and private key that vestacp admin panel uses at /usr/local/vesta/ssl/

Open these with vim or download em through SFTP or FTP so you can copy paste em. Use the full text in each file.

VestaCP admin panel > web > edit default.domain > check SSL support > paste the cert into the cert field and key into key field. Save, and should work. Go to https://123.456.78.910:8443 to access your site with SSL.

METHOD 2 (with generated certificate and key): same as with domain name except when generating CSR, instead of domain name and admin email being default.domain and admin@default.domain type the IP address and admin@IPaddress in those fields (replace IP address with the actual ip address). Go to https://123.456.78.910:8443 to access your site with SSL.


If you changed the web root folder by editing the apache config file in /home/admin/conf/web/apache2.conf, then for HTTPS you'll have to also edit the apache config file for SSL, in /home/admin/conf/web/sapache2.conf