Secure Connection to Panel!

phantomore · Post by **phantomore** » Mon May 23, 2016 4:16 am

Hey!, First and foremost, again, I would love to thank the team!

I want to secure the Vesta CP Page so that it does not show,"your connection is not safe" error every time on a new computer.

What needs to be done? I know on Cpanel, you need to issue a wildcard, then it removes that error?

what do i need todo for vesta specifically?

Thanks!

toylerrr · Post by **toylerrr** » Mon May 23, 2016 5:20 am

You can get any type of cert for the panel it just hast to match the TLD for the server so if I connected to my server via myserver.com:8083 then I need a cert for myserver.com

Post by **skurudo** » Mon May 23, 2016 6:43 am

XoXiLhJ0mn wrote: If you buy a certificate from a recognized company, then most browsers will accept it.

You don't need to buy, there is StartSSL / Wosign / Let's Encrypt - free ssl for all

phantomore · Post by **phantomore** » Mon May 23, 2016 3:52 pm

I went with wosign, i have added the cert to webpage.

both main page and FQDN set up with vesta

but it still shows the error, is there anything backend i need to?

thanks again!

Sincerely

phantomore · Post by **phantomore** » Mon May 23, 2016 3:57 pm

it says i need to install intermediate certs.

I did that with the webpage ssl config on the vestacp,

is there anything i missed?

Post by **skamasle** » Mon May 23, 2016 6:57 pm

Vestacp SSL are in /usr/local/vesta/ssl

If you want access to 8083 whit veryfy ssl you need put there your ssl.

phantomore · Post by **phantomore** » Tue May 24, 2016 3:05 am

I went and followed everything!

It wont work, is there any online instructions?

thanks:)

Post by **tjebbeke** » Tue May 24, 2016 1:01 pm

Don't forget to restart vesta-nginx!

Post by **skurudo** » Tue May 24, 2016 2:18 pm

You can add cerf from existing domain like this:
- connect via ssh
- edit file /usr/local/vesta/nginx/conf/nginx.conf
- change this line

Code: Select all

         ssl                  on;
        ssl_certificate      /usr/local/vesta/ssl/certificate.crt;
        ssl_certificate_key  /usr/local/vesta/ssl/certificate.key;

to this (path to our certificate)

Code: Select all

         ssl                  on;
#        ssl_certificate      /usr/local/vesta/ssl/certificate.crt;
#        ssl_certificate_key  /usr/local/vesta/ssl/certificate.key;
ssl_certificate      /home/admin/conf/web/ssl.domain.ru.pem;
ssl_certificate_key  /home/admin/conf/web/ssl.domain.ru.key;

- restart VestaCP

Code: Select all

service vesta restart

And you'll have secure access to CP via https://youdomain.ru:8083

phantomore · Post by **phantomore** » Wed May 25, 2016 3:29 am

ssl on;
# ssl_certificate /usr/local/vesta/ssl/certificate.crt;
# ssl_certificate_key /usr/local/vesta/ssl/certificate.key;
ssl_certificate /home/admin/conf/web/ssl.phantomore.com.pem;
ssl_certificate_key /home/admin/conf/web/ssl.phantomore.com.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;

I got this, edited, done, all great, but secure connection still doesnt work?

Is there anything wrong with ssl config with phantomore.com?

Update : Just checked SSL Crypto Checker, they said the SSL did not match server because I installed on serverhk.phantomore.com

I got my ssl with wosign

then when i check serverhk.phantomore.com:8083, then it states the selfassigned certificate is assigned.

both serverhk.phantomore.com and phantomore.com has ssl installed, but not "properly", I just noticed it says it was installed in the wrong order? which oder do i need to install the intermediate from wosign?

Thank you again for the great support.

Vesta Control Panel - Forum

Secure Connection to Panel!

Secure Connection to Panel!

Re: Secure Connection to Panel!

Re: Secure Connection to Panel!

Re: Secure Connection to Panel!

Re: Secure Connection to Panel!

Re: Secure Connection to Panel!

Re: Secure Connection to Panel!

Re: Secure Connection to Panel!

Re: Secure Connection to Panel!

Re: Secure Connection to Panel!

Login • Register