SSL

Install SSL Lets Encrypt Di Vestacp

Sysadmin
bees

Requirements

yum -y install git
cd /usr/local
git clone https://github.com/certbot/certbot.git
git clone https://github.com/letsencrypt/letsencrypt.git
git clone https://github.com/interbrite/letsencrypt-vesta.git
mkdir -p /etc/letsencrypt/webroot
ln -s /usr/local/letsencrypt-vesta/letsencrypt.conf /etc/httpd/conf.d/letsencrypt.conf
ln -s /usr/local/letsencrypt/letsencrypt-auto /usr/local/bin/letsencrypt-auto
ln -s /usr/local/letsencrypt-vesta/letsencrypt-vesta /usr/local/bin/letsencrypt-vesta
service httpd restart

Generate SSL Let’s encrypt

/usr/local/bin/letsencrypt-vesta USERNAME DOMAIN

example:

/usr/local/bin/letsencrypt-vesta admin sysadmin.id

Contoh hasil generate SSL Let’s Encrypt di VestaCP

IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/sysadmin.id/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/sysadmin.id/privkey.pem
Your cert will expire on 2019-07-03. To obtain a new or tweaked
version of this certificate in the future, simply run certbot-auto
again. To non-interactively renew *all* of your certificates, run
"certbot-auto renew"
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
- If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le

Error: SSL=no doesn't exist
Redirecting to /bin/systemctl reload httpd.service
Redirecting to /bin/systemctl reload nginx.service

Restart webserver Apache

service httpd restart

Aktifkan Let’s Encrypt di Login page VestaCP

mv /usr/local/vesta/ssl/certificate.crt /usr/local/vesta/ssl/certificate.crt.backup
mv /usr/local/vesta/ssl/certificate.key /usr/local/vesta/ssl/certificate.key.backup
ln -s /usr/local/vesta/ssl/certificate.crt /etc/letsencrypt/live/sysadmin.id/cert.pem
ln -s /usr/local/vesta/ssl/certificate.key /etc/letsencrypt/live/sysadmin.id/privkey.pem

service vesta restart

Access VestaCP yang sudah terinstall SSL Let’s encrypt

buka di halaman https://sysadmin.id:8083/login/

Reference