How to manually install SSL certificate on Apache without Cpanel access? - ssl

How to manually install SSL certificate without Cpanel access on Centos 7/Apache? My Cpanel license is expired (simply have no money), so I can't login and can't use WHM API (command line) because API try to read Cpanel license file.
The certificate is already stored on system (issued by Lets Encrypt plugin). But I don't know how to make it effective on my site since Apache config folder is different on Cpanel system. What file should I edit to input my cert address?
Certificate is stored at: /etc/letsencrypt/live/mydomain.com/fullchain.pem
Private key is stored at: /etc/letsencrypt/live/mydomain.com/privkey.pem
Note: I use Engintron (Nginx Cpanel plugin), don't know if this change anything. I have root access.

I got to install SSL certificate (by Let's Encrypt) on cPanel directly by running Certbot-Auto command on SSH screen. Certbot-Auto will generate certificate and install it. It is very simple: https://certbot.eff.org/docs/install.html#certbot-auto.
I had to delete the old expired certificates from my /home/mydomain/ssl folder to avoid conflict. I don't know how things are inside cPanel cause I still have no license to access. I will renew license soon, but can't stop working on my site just because I have no SSL.

Related

Bitnami SSL bncert-tool failed for Gcloud

I am trying to renew my SSL Cert on Gcloud VM Instance SSH with Bitnami. But it's giving me the
"Please type a directory that contains a Bitnami installation. The default installation directory for Linux installers is a directory inside /opt."
every time i run the bncert-tool
I have followed the steps to try and revert to backup files as directed in this post (thinking i might have did it poorly last time) I copied the backup file to the bitnami.conf and httpd.conf but I still get the same error.
Copying contents of the backup file is this right?
Please help, my ssl expires in 15 days! Is it not easier to just get SSL Through Wordpress plugin? Is it possible to remove this Bitnami SSL Completely?

SSL issue. NET::ERR_CERT_DATE_INVALID

Previously I used RapidSSL certificate. After it expired I moved to Lets Encrypt (free ssl) and installed on my server. But site uses still old SQL certificate after couple of refreshes taking new SSL certificate and resources (css, images, scripts) are not loading gives NET::ERR_CERT_DATE_INVALID error.
I restarted Apache couple of times.
I'm using Ubuntu 16.04.
NET::ERR_CERT_DATE_INVALID means your SSL certificate date is invalid, that is because your old certificate has expired. Check your apache config to make sure that - certificate files mentioned are the desired ones. For detail debugging of your problem, you need to look at your apache server log could be located at /var/log/apache2.

ISPConfig - Let's Encrypt not available after upgrade

I just upgraded from ISPConfig 3.0 to 3.1.2 on Debian 7.
According to the Changelog, Let's Encrypt is now supported.
However, I don't see any Let's Encrypt specific options. I can create an SSL certificate from the SSL tab of a Website, but accessing the domain using https:// results in the following error in Chrome:
This site can’t provide a secure connection.
Is Let's Encrypt only available for new (clean) installations?
- or will the proper options emerge if I install e.g. CertBot or some other package?
It seems CertBot has a plugin for Apache that automates everything, but I'm worried ISPConfig and CertBot will conflict when both trying to control configuration files.
Thanks in advance for any guidance.
Jimmy
I realized that HowToForge would be the ideal place to ask. Here is the response I received from Till Brehm:
"1) You have to install certbot and just certbot, no certbot apache plugin. and do not create ssl certs with certbot at install time, when it asks for that, choose cancel.
2) then login to ispconfig, go to the website settings amd emable the checkbox labeled "Letsencrypt" which is on the first tab of the site settings. The SSL tab is not used for letsencrypt."
It worked just the way he said.
https://www.howtoforge.com/community/threads/ispconfig-lets-encrypt-not-available-after-upgrade.75540/#post-355688

Amazon EC2: permission denied when attempting to create .crt file

I am trying to set up our EC2 instance with an SSL. Non-SSL web traffic has always been fine.
I'm following the tutorial here: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-an-instance.html
On step 2 part 5 it says to remove the old certificate from /etc/pki/tls/certs and place the new certificate here.
Remove the old self-signed host certificate localhost.crt from the /etc/pki/tls/certs directory and place the new CA-signed certificate there (along with any intermediate certificates).
Unfortunately I get permission denied errors when attempting both. I've tried through console SSH and through FileZilla SSH, and as expected, both have the same problem. I'm logged in as ec2-user.
I'm able to create / modify / delete files in other directories, such as the public web folders etc, but this directory seems to have more protection.
Does anyone know how to get the necessary permissions in this directory so I can complete setup?

Problems with cpanel: SSL Configuration

So... I have my SSL certificate (Comodo, btw). I can't install it on cpanel.
I've been told that it can be solved easily with the 'instal ssl' but I don't have that option.
Please help...
You should be able to install the SSL certificate from your
cPanel -> SSL/TLS -> Install and Manage SSL for your site (HTTPS)
If you do not have this option in your cPanel, you can try changing your cPanel theme from the Switch Theme menu and try again.
In case it still does not show, I am afraid that your only option left would be to provide the SSL to your hosting company, so they install it for you from WHM.
Please forward your SSL certificate file to your hosting provider. They will install it for your through WHM root user.